You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/relational-databases/security/sql-server-security-best-practices.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -156,8 +156,8 @@ To minimize the risk of a side-channel attack, consider the following:
156
156
Consider the following common infrastructure threats:
157
157
158
158
-[Brute force access](/defender-for-identity/compromised-credentials-alerts) - the attacker attempts to authenticate with multiple passwords on different accounts until a correct password is found.
159
-
- Password cracking / [password spray](/security/compass/incident-response-playbook-password-spray) - attackers try a single carefully crafted password against all of the known user accounts (one password to many accounts). If the initial password spray fails, they try again, utilizing a different carefully crafted password, normally waiting a set amount of time between attempts to avoid detection.
160
-
-[Ransomware attacks](/windows/security/threat-protection/intelligence/ransomware-malware) is a type of targeted attack where malware is used to encrypt data and files, preventing access to important content. The attackers then attempt to extort money from victims, usually in the form of cryptocurrencies, in exchange for the decryption key. Most ransomware infections start with email messages with attachments that try to install ransomware, or websites hosting exploit kits that attempt to use vulnerabilities in web browsers and other software to install ransomware.
159
+
- Password cracking / [password spray](/security/operations/incident-response-playbook-password-spray) - attackers try a single carefully crafted password against all of the known user accounts (one password to many accounts). If the initial password spray fails, they try again, utilizing a different carefully crafted password, normally waiting a set amount of time between attempts to avoid detection.
160
+
-[Ransomware attacks](/security/ransomware/human-operated-ransomware) is a type of targeted attack where malware is used to encrypt data and files, preventing access to important content. The attackers then attempt to extort money from victims, usually in the form of cryptocurrencies, in exchange for the decryption key. Most ransomware infections start with email messages with attachments that try to install ransomware, or websites hosting exploit kits that attempt to use vulnerabilities in web browsers and other software to install ransomware.
161
161
162
162
### Password risks
163
163
@@ -177,7 +177,7 @@ Since you don't want attackers to easily guess account names, or passwords, the
177
177
178
178
Consider the following to minimize ransomware risks:
179
179
180
-
- The best strategy to guard against [ransomware](/windows/security/threat-protection/intelligence/ransomware-malware) is to pay particular attention to RDP and SSH vulnerabilities. Additionally, consider the following:
180
+
- The best strategy to guard against [ransomware](/security/ransomware/human-operated-ransomware) is to pay particular attention to RDP and SSH vulnerabilities. Additionally, consider the following:
181
181
- Leverage firewalls and lock down ports
182
182
- Ensuring the latest operating system and application security updates are applied
183
183
- Use [group managed service accounts (gMSA)](/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview)
0 commit comments