A virtual service account has a well-known name in the form of NT SERVICE\ and can access the network using the credentials \$. In SQL Server 2012, they are the default service account specified during setup.
![sql server sa account attacks sql server sa account attacks](https://i.stack.imgur.com/yDNqg.png)
Virtual accounts are managed local accounts that is automatically provisioned and managed. This type of account cannot be used to log in to a computer and provides automatic SPN and password management, once provisioned. It must be provisioned by the domain administrator prior to being used. A managed service account is a special type of domain account that can be assigned to a single computer and used to manage a service. SQL Server 2012 is the first version of SQL Server to permit these accounts to be used as service accounts. Windows Server 2008 R2 and Windows 7 operating systems introduced two new types of service accounts: Virtual accounts and managed service accounts. You also need to consider account isolation the service accounts should not only be different from one another, they should not be used by any other service on the same server. The service account should have exactly the privileges that it needs to do its job and no more privileges. When choosing service accounts, consider the principle of least privilege.
![sql server sa account attacks sql server sa account attacks](https://4.bp.blogspot.com/-n_yozgnqaYs/WNNykNUux5I/AAAAAAAADVY/MBKpk6EzijAUzmbCmC-uIvUX96XSadGgwCLcB/s1600/Diag_Final.png)
Configure only those server network interfaces that you will actually use, mostly TCP/IP protocol only is enough.
SQL SERVER SA ACCOUNT ATTACKS MANUAL
After the SQL Server is installed, you should turn off unneeded services by setting the service to either Manual startup or Disabled in the SQL Server Configuration Manager. It is easier to enable features when they are needed than it is to enable everything by default and then turn off features that you do not need.
SQL SERVER SA ACCOUNT ATTACKS INSTALL
Later, install additional features only as needed.
![sql server sa account attacks sql server sa account attacks](https://dirceuresende.com/wp-content/uploads/2019/02/SQL-Server-Como-evitar-ataques-de-força-bruta-no-seu-banco-de-dados-2.png)
It is a best practice to review which product features you actually need and install only those features. SQL Server 2012 installation minimizes the "attack surface" because by default, optional features are not installed. This article covers some SQL Server 2012 security best practices that will result in a more secure SQL Server system.