STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes.

DISA Rule

SV-214023r617437_rule

Vulnerability Number

V-214023

Group Title

SRG-APP-000514-DB-000382

Rule Version

SQL6-D0-015700

Severity

CAT I

CCI(s)

CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

Fix Recommendation

Configure Windows to require the use of FIPS compliant algorithms.

Click Start >> Type "Local Security Policy" >> Press Enter >> Expand "Local Policies" >> Select "Security Options" >> Locate "System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing." >> Change the Setting option to "Enabled" >> Restart Windows

Check Contents

Verify that Windows is configured to require the use of FIPS 140-2 algorithms.

Click Start >> Type "Local Security Policy" >> Press Enter >> Expand "Local Policies" >> Select "Security Options" >> Locate "System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing."

If "System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" is not enabled, this is a finding.

SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments