STIGQter STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020:

SQL Server must have the SQL Server Analysis Services (SSAS) software component removed if it is unused.

DISA Rule

SV-82319r1_rule

Vulnerability Number

V-67829

Group Title

SRG-APP-000141-DB-000091

Rule Version

SQL4-00-016800

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Either using the Start menu or via the command "control.exe", open the Windows Control Panel. Open Programs and Features. Double-click on Microsoft SQL Server 2014. In the dialog box that appears, select Remove. Wait for the Remove wizard to appear.

Select the relevant SQL Server instance; click Next.

Select Analysis Services; click Next.

Follow the remaining prompts, to remove SQL Server Analysis Services from SQL Server.

Check Contents

If the SQL Server service "SQL Server Analysis Services (<Instance Name>)" is used and satisfies organizational requirements, this is not a finding.

From a command prompt or the Start menu, using an account with System Administrator Privilege, open services.msc. Look for: "SQL Server Analysis Services (<Instance Name>)".

If the "SQL Server Analysis Services (<Instance Name>)" service exists, this is a finding.

Vulnerability Number

V-67829

Documentable

False

Rule Version

SQL4-00-016800

Severity Override Guidance

If the SQL Server service "SQL Server Analysis Services (<Instance Name>)" is used and satisfies organizational requirements, this is not a finding.

From a command prompt or the Start menu, using an account with System Administrator Privilege, open services.msc. Look for: "SQL Server Analysis Services (<Instance Name>)".

If the "SQL Server Analysis Services (<Instance Name>)" service exists, this is a finding.

Check Content Reference

M

Target Key

2639

Comments