Index
A
Abnormal statement execution, 163–164
ACID model, 11–12
Active connections, collection of, 115, 160
Active sessions, collection of, 115, 160
Active unauthorized SQL server connections, 156
abnormal statement execution, 163–164
foreign IP addresses, 160
nonstandard database endpoint usage, 162–163
nonstandard SQL clients, 160–161
suspicious logins, 161–162
Active VLFs, 70–71
analysis of, 282–306
in case study, 416–421
collection of, 184–188
recovering deleted data from, 345–349
Activity reconstruction
of cached database statements, 277–281
in case study, 411–421
of data cache, 274–277
data recovery, 340–356
of DML operations (active VLFs), 282–306
of DML operations (reusable VLFs), 306–317
identifying anomalies, 317–322
identifying injection ...
Get SQL Server Forensic Analysis now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.