STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020:

Access to database files must be limited to relevant processes and to authorized, administrative users.

DISA Rule

SV-82371r1_rule

Vulnerability Number

V-67881

Group Title

SRG-APP-000243-DB-000374

Rule Version

SQL4-00-031400

Severity

CAT II

CCI(s)

• CCI-001090 - The information system prevents unauthorized and unintended information transfer via shared system resources.

Weight

10

Fix Recommendation

Configure the permissions granted by the operating system/file system on the database files, database transaction log files, database audit log files, and database backup files so that only relevant system accounts and authorized system administrators and database administrators with a need to know are permitted to read/view these files.

Check Contents

Review the permissions granted to users by the operating system/file system on the database files, database transaction log files, database audit log files, and database backup files.

If any user/role who is not an authorized system administrator with a need to know or database administrator with a need to know, or a system account for running DBMS processes, is permitted to read/view any of these files, this is a finding.

Vulnerability Number

V-67881

Documentable

False

Rule Version

SQL4-00-031400

Severity Override Guidance

Review the permissions granted to users by the operating system/file system on the database files, database transaction log files, database audit log files, and database backup files.

If any user/role who is not an authorized system administrator with a need to know or database administrator with a need to know, or a system account for running DBMS processes, is permitted to read/view any of these files, this is a finding.

Check Content Reference

M

Target Key

2639

Comments