SV-234074r612749_rule
V-234074
SRG-APP-000381
TANS-DB-000004
CAT II
10
Access the Tanium SQL server interactively.
Log on to the server with an account that has administrative privileges.
Open SQL Server Management Studio.
Connect to the Tanium instance of SQL Server.
In the left pane, click "Databases".
Select the Tanium database.
Click "Security".
Click "Users".
In the "Users" pane, right-click the Tanium Server service user account.
On the shortcut menu, click "Properties".
Under "Database role membership", ensure "db_owner" is checked, then click "OK".
"sysadmin" is a fixed server-level role and is not listed in a database user's properties. To remove it, in the left pane expand the server-level "Security" node, click "Logins", right-click the login used by the Tanium Server service account, click "Properties", select the "Server Roles" page, clear the "sysadmin" check box, and click "OK".
If using Postgres:
Configure PostgreSQL to enforce access restrictions associated with changes to the configuration of PostgreSQL or database(s).
Use ALTER ROLE to remove the SUPERUSER attribute from the Tanium Server service role (substitute the role name for <role_name>):
$ psql -c "ALTER ROLE <role_name> NOSUPERUSER"
Removing SUPERUSER does not remove rights the role holds through ownership; confirm the role still owns the Tanium database and its objects so the application keeps the equivalent of "db_owner" without cluster-wide privileges.
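The same remediation expressed as SQL for both engines, added here as a worked example rather than text from the STIG or from Tanium. The login [TANIUM\svc_tanium], the database [Tanium] and the PostgreSQL role tanium are assumed placeholder names; run the SQL Server section in SSMS or sqlcmd against the Tanium instance and the PostgreSQL section with psql as a superuser.

```sql
-- Added example; names below are assumptions, not values from the STIG.
-- SQL Server login/user: [TANIUM\svc_tanium]   database: [Tanium]
-- PostgreSQL role: tanium                      database: tanium

---------------------------------------------------------------------------
-- SQL Server section (T-SQL, run connected to the Tanium instance)
---------------------------------------------------------------------------
USE [master];
GO
-- sysadmin is a fixed SERVER role: it is dropped from the login at the
-- server level, not from the database user's role membership.
ALTER SERVER ROLE [sysadmin] DROP MEMBER [TANIUM\svc_tanium];
GO
USE [Tanium];
GO
-- Map the login to a user in the Tanium database if it is not mapped yet,
-- then grant the database-scoped db_owner role the service needs.
IF NOT EXISTS (SELECT 1 FROM sys.database_principals
               WHERE name = N'TANIUM\svc_tanium')
    CREATE USER [TANIUM\svc_tanium] FOR LOGIN [TANIUM\svc_tanium];
ALTER ROLE [db_owner] ADD MEMBER [TANIUM\svc_tanium];
GO

---------------------------------------------------------------------------
-- PostgreSQL section (run as a superuser, e.g. psql -U postgres -d tanium)
---------------------------------------------------------------------------
-- Drop the cluster-wide SUPERUSER attribute from the service role.
ALTER ROLE tanium NOSUPERUSER;
-- Ownership is the PostgreSQL analogue of db_owner: only owners can alter
-- objects, so the service role must own the Tanium database (assumption:
-- the database is named tanium and belongs to the application).
ALTER DATABASE tanium OWNER TO tanium;
```

The T-SQL `GO` separators mean the file cannot be fed to psql unchanged; keep the two sections in separate scripts in practice. After the PostgreSQL section, objects created while the role was still a superuser may be owned by another role and need their ownership reviewed separately.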
Access the Tanium SQL server interactively.
Log on to the server with an account that has administrative privileges.
Open SQL Server Management Studio.
Connect to the Tanium instance of SQL Server.
In the left pane, click "Databases".
Select the Tanium database.
Click "Security".
Click "Users".
In the "Users" pane, review the database role membership of the Tanium Server service user account. Also expand the server-level "Security" node, click "Logins", open the Properties of the login used by the service account and review the "Server Roles" page.
If the Tanium Server service account is not a member of "db_owner" in the Tanium database, or its login is still a member of the "sysadmin" server role, this is a finding.
If using Postgres:
Only owners of objects can change them. To view all functions, including trigger functions, with their ownership and source, as the database administrator (shown here as "postgres") run the following psql meta-command:
$ sudo su - postgres
$ psql -x -c "\df+"
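The check as queries rather than SSMS clicks and psql meta-commands, added here as an example and not part of the STIG text. The names [TANIUM\svc_tanium], [Tanium] and tanium are assumed placeholders; the PostgreSQL queries also verify the SUPERUSER attribute the fix removes, which `\df+` alone does not show.

```sql
-- Added example; assumed names: login/user [TANIUM\svc_tanium],
-- database [Tanium], PostgreSQL role tanium.

---------------------------------------------------------------------------
-- SQL Server section (T-SQL)
---------------------------------------------------------------------------
-- Server level: 1 = finding (login is still sysadmin), 0 = compliant,
-- NULL = login not found.
SELECT sp.name AS login_name,
       IS_SRVROLEMEMBER('sysadmin', sp.name) AS is_sysadmin
FROM sys.server_principals AS sp
WHERE sp.name = N'TANIUM\svc_tanium';
GO
-- Database level: list every database role the user holds in the
-- Tanium database; a finding if db_owner is absent from the result.
USE [Tanium];
GO
SELECT u.name AS db_user, r.name AS db_role
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals AS u ON u.principal_id = rm.member_principal_id
WHERE u.name = N'TANIUM\svc_tanium'
ORDER BY r.name;
GO

---------------------------------------------------------------------------
-- PostgreSQL section (run with psql; equivalent of \du for one role)
---------------------------------------------------------------------------
-- Role attributes: a finding if rolsuper is true.
SELECT rolname, rolsuper, rolcreaterole, rolcreatedb, rolcanlogin
FROM pg_roles
WHERE rolname = 'tanium';

-- Ownership of user-defined functions (the data \df+ displays), flagging
-- trigger functions, so ownership by the service role can be reviewed.
SELECT n.nspname                          AS schema_name,
       p.proname                          AS function_name,
       pg_get_userbyid(p.proowner)        AS owner_name,
       l.lanname                          AS lang_name,
       (p.prorettype = 'trigger'::regtype) AS is_trigger_function
FROM pg_proc AS p
JOIN pg_namespace AS n ON n.oid = p.pronamespace
JOIN pg_language  AS l ON l.oid = p.prolang
WHERE n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER BY 1, 2;
```

Run each section against its own engine; the two are in one block only to show the server-level versus database-level distinction side by side.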