Workshop | Sams Teach Yourself PHP, MySQL and Apache All in One (3rd Edition)

The workshop is designed to help you anticipate possible questions, review what you've learned, and begin putting your knowledge into practice.

1.	True or False: Telnet is a perfectly acceptable method to securely connect to MySQL from a remote host.
2.	Which three pieces of information does MySQL check each time a request is made?
3.	What command would you use to grant `SELECT`, `INSERT`, and `UPDATE` privileges to a user named `bill` on `localhost` to all tables on the `BillDB` database? Also, what piece of information is missing from this statement that is recommended for security purposes?

False. The key word is secure, and Telnet does not encrypt data between hosts. Instead, use SSH to securely connect to your server.

Who you are, where you are accessing from, and what actions you're allowed to perform.

The command is

GRANT SELECT, INSERT, UPDATE ON BillDB.* TO bill@localhost;

The important missing piece is a password for the user.

1.	Think of situations in which you might want to restrict command access at the table level. For example, you wouldn't want the intern-level administrator to have shutdown privileges for the corporate database.
2.	If you have administrative privileges in MySQL, issue several GRANT commands to create dummy users. It doesn't matter whether the tables and databases you name are actually present.
3.	Use `REVOKE` to remove some of the privileges of the users you created in activity 2.