Help wanted for an interview...

  • Hi all,

    I've got a spec that I'm trying to get a good global picture of, so I can knock their socks off.  A lot of it makes sense, some things don't, I'm not too savvy in management-speak (which I've marked '???'), any thoughts?

    It's for a sports company interested in the following:

    1) Putting in compliant practices across their European region (they have several continental Soccer teams);

    2) Capacity Planning (I'm presuming they want future projections of DB and Log growth in terms of both transactions and server resources)

    3) Change Reconciliation ???

    4) Wintel Segregation of Duties (I presume they're trying to separate NT Admins from SQL Admins, but again, ???)

    5) Log Review Process Implementation ????

    6) Threat to a particular database arising from ODBC - always been more Admin than Dev, what might be going on here??

     

    Thanks in advance!

     

  • I can't answer all of this, but some thoughts that come to mind:

    1) Across multiple countries, so usage of Nvarchar is something to consider.

    2) Agreed - likely to want to talk about growth trends, of DB's, log's, backups, and maybe trend predication for future requirements in terms of DASD etc. They "might" also be itnerested in similar detail around CPU, memory usage?

    3) Change reconcilliation? Hmm - maybe around process, like ensuring that all changes are don via a controlled, documented process (releases for major code, production support, change control numbers, sign-off from representative owners for production changes, logging of changes to a centralized change structure ((previous company had a table that logged the build script version, build script name, date run, who ran it, etc.).

    4) Not sure about "Wintel" - segregation of duties in my environment means ensuring that, for example, people who develop code, do not do the sign-off, testing, or production implementation of that code. The administrators/dba's for DEV/TEST do not have access to Pre-Prod or Prod. etc. The concept is minimizing the risk of one person design, releasing and using/abusing code/data.

    5) "Log Review" - hmm - well perhaps that refer's to using Log Explorer/Log PI (or other) tools to analyze logs in problem situations. Perhaps also SQL Server and Event Log revieiwng in an issue. So for example - if a server fails, what log review process would you go through. To which an answer might be: Event Viewer for System, Security and Applications logs. Save those logs. SQL Server Enterprise manager for SQL Logs. Save those logs. pssdiag (is that the right name - can't recall atm) to extract in case required to send through to MS PSS. Log Explorer/Log PI to review database transaction logs, if necessary. This is all of the cuff - I'm sure there' a lot more/better ideas out there.

    6) Sounds like SQL injections etc.

     

    CiaO 4 NoW

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply