So it is better to restrict the user at the database level by minimizing his\her access because for terminal access a login account is to be created at the Server...