STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide, Version: 1, Release: 10, Benchmark Date: 24 Apr 2020

SQL Server security-relevant configuration settings must be monitored to discover unauthorized changes.

DISA Rule

SV-82299r1_rule

Vulnerability Number

V-67809

Group Title

SRG-APP-000133-DB-000179

Rule Version

SQL4-00-015300

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Document the monitoring of security-relevant configuration settings to discover unauthorized changes within the system documentation.

Document the specific users or types of security personnel that are able to monitor security-relevant configuration settings to discover unauthorized changes.

Deploy and implement a third-party tool or some other SQL Server method of monitoring security-relevant configuration settings to discover unauthorized changes.

Check Contents

Verify within the system documentation that SQL Server is monitored for security-relevant configuration settings to discover unauthorized changes.

This can be done by a third-party tool or a SQL script that does baselining and then comparisons.

If the monitoring of security-relevant configuration settings to discover unauthorized changes is not implemented on SQL Server, this is a finding.
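One way to write the "SQL script that does baselining and then comparisons" mentioned in the check, as an added T-SQL example that is not part of the STIG text. It covers only the instance settings exposed by sys.configurations; the table name dbo.ConfigBaseline and the database that holds it are assumptions.

```sql
-- Added example. dbo.ConfigBaseline is a hypothetical table name; create it in
-- a database that only the documented security personnel can write to.

-- Step 1 (run once, after the approved configuration is in place):
-- capture the baseline of instance-level settings.
IF OBJECT_ID(N'dbo.ConfigBaseline', N'U') IS NULL
BEGIN
    CREATE TABLE dbo.ConfigBaseline (
        configuration_id int          NOT NULL PRIMARY KEY,
        name             nvarchar(35) NOT NULL,
        configured_value int          NOT NULL,  -- sys.configurations.value
        value_in_use     int          NOT NULL,  -- value currently in effect
        captured_at      datetime2(0) NOT NULL DEFAULT SYSUTCDATETIME(),
        captured_by      sysname      NOT NULL DEFAULT SUSER_SNAME()
    );

    INSERT INTO dbo.ConfigBaseline
        (configuration_id, name, configured_value, value_in_use)
    SELECT configuration_id, name,
           CAST(value AS int), CAST(value_in_use AS int)
    FROM sys.configurations;
END;

-- Step 2 (run on a schedule): report every setting that differs from the
-- baseline. An empty result set means no drift was found.
SELECT COALESCE(c.name, b.name)      AS setting,
       b.value_in_use                AS baseline_in_use,
       CAST(c.value_in_use AS int)   AS current_in_use,
       b.configured_value            AS baseline_configured,
       CAST(c.value AS int)          AS current_configured,
       CASE
           WHEN b.configuration_id IS NULL THEN 'NOT IN BASELINE'
           WHEN c.configuration_id IS NULL THEN 'MISSING FROM INSTANCE'
           WHEN CAST(c.value_in_use AS int) <> b.value_in_use THEN 'CHANGED (IN USE)'
           ELSE 'CHANGED (PENDING RECONFIGURE/RESTART)'
       END                           AS drift
FROM sys.configurations AS c
FULL OUTER JOIN dbo.ConfigBaseline AS b
    ON b.configuration_id = c.configuration_id
WHERE b.configuration_id IS NULL
   OR c.configuration_id IS NULL
   OR CAST(c.value_in_use AS int) <> b.value_in_use
   OR CAST(c.value AS int)        <> b.configured_value;
```

Which settings beyond sys.configurations count as security-relevant is defined by the system documentation, and each needs its own baseline source. Rows returned by Step 2 should be reconciled against approved change records before the baseline is recaptured.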

Documentable

False

Severity Override Guidance

Verify within the system documentation that SQL Server is monitored for security-relevant configuration settings to discover unauthorized changes.

This can be done by a third-party tool or a SQL script that does baselining and then comparisons.

If the monitoring of security-relevant configuration settings to discover unauthorized changes is not implemented on SQL Server, this is a finding.

Check Content Reference

M

Target Key

2639

Comments