STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide, Version: 2, Release: 3, Benchmark Date: 23 Apr 2021

SQL Server must be configured to prohibit or restrict the use of organization-defined ports, as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

SV-213962r617437_rule

Vulnerability Number

V-213962

Group Title

SRG-APP-000142-DB-000094

Rule Version

SQL6-D0-007700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Use SQL Server Configuration to change the ports used by SQL Server to comply with PPSM guidance, or document the need for other ports, and obtain written approval. Close ports no longer needed.

Check Contents

Review SQL Server Configuration for the ports used by SQL Server.

To determine whether SQL Server is configured to use a fixed port or dynamic ports, in the right-hand pane, double-click the TCP/IP entry to open the Properties dialog. (The default fixed port is 1433.)

If these are in conflict with PPSM guidance, and not explained and approved in the system documentation, this is a finding.
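The same review can be run as a query from inside the instance. The T-SQL below is an added example, not part of the STIG text; the approved-port list is a constructed sample that has to be replaced with the ports documented and approved for the system, and the queries assume the login holds VIEW SERVER STATE.

```sql
-- Added example (not part of the STIG). Requires VIEW SERVER STATE.
-- Approved ports: constructed sample value. Replace with the ports that are
-- documented and approved for this system under PPSM guidance.
DECLARE @approved TABLE (port int PRIMARY KEY);
INSERT INTO @approved (port) VALUES (1433);

-- 1. Fixed vs. dynamic: the TcpPort / TcpDynamicPorts values that the TCP/IP
--    Properties dialog displays, read from the instance's registry settings.
--    A non-empty TcpDynamicPorts (including '0') means dynamic ports are
--    enabled for that IP entry.
SELECT r.registry_key,
       r.value_name,
       CAST(r.value_data AS nvarchar(256)) AS value_data,
       CASE
           WHEN r.value_name = N'TcpDynamicPorts'
                AND NULLIF(LTRIM(RTRIM(CAST(r.value_data AS nvarchar(256)))), N'') IS NOT NULL
           THEN 'dynamic ports enabled'
           ELSE ''
       END AS note
FROM sys.dm_server_registry AS r
WHERE r.registry_key LIKE N'%SuperSocketNetLib\Tcp\IP%'
  AND r.value_name IN (N'TcpPort', N'TcpDynamicPorts')
ORDER BY r.registry_key, r.value_name;

-- 2. Ports the instance is actually listening on right now (T-SQL,
--    Service Broker and database mirroring listeners), compared against
--    the approved list. Rows marked REVIEW need documentation and approval,
--    or the port needs to be changed or closed.
SELECT l.type_desc,
       l.ip_address,
       l.port,
       l.state_desc,
       CASE WHEN a.port IS NULL
            THEN 'REVIEW: not in approved list'
            ELSE 'approved'
       END AS ppsm_status
FROM sys.dm_tcp_listener_states AS l
LEFT JOIN @approved AS a
       ON a.port = l.port
ORDER BY l.port, l.ip_address;
```

The first result set shows the configured values, which take effect at the next service restart; the second shows the listeners that are open at the moment the query runs, so the two can differ after an unapplied configuration change.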

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

3993
