STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020:

SQL Server, the operating system, or the storage system must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity.

DISA Rule

SV-82383r1_rule

Vulnerability Number

V-67893

Group Title

SRG-APP-000359-DB-000319

Rule Version

SQL4-00-033400

Severity

CAT II

CCI(s)

CCI-001855 - The information system provides a warning to organization-defined personnel, roles, and/or locations within an organization-defined time period when allocated audit record storage volume reaches an organization-defined percentage of repository maximum audit record storage capacity.

Weight

Fix Recommendation

Configure the system to notify appropriate support staff immediately upon storage volume utilization reaching 75%.

Check Contents

Review system configuration.

If appropriate support staff are not notified immediately upon storage volume utilization reaching 75%, this is a finding.

Vulnerability Number

V-67893

Documentable

False

Rule Version

SQL4-00-033400

Severity Override Guidance

Review system configuration.

If appropriate support staff are not notified immediately upon storage volume utilization reaching 75%, this is a finding.

Check Content Reference

Target Key

2639

SQL Server, the operating system, or the storage system must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments