STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020:

SQL Server must disable communication protocols not required for operation.

DISA Rule

SV-82395r1_rule

Vulnerability Number

V-67905

Group Title

SRG-APP-000383-DB-000364

Rule Version

SQL4-00-034200

Severity

CAT II

CCI(s)

• CCI-001762 - The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure.

Weight

10

Fix Recommendation

In SQL Server Configuration Manager, right-click on each enabled protocol that is not required. Select Disabled.

Close SQL Server Configuration Manager. Restart SQL Server.

Check Contents

Review the system security plan to determine the communication protocols used by the SQL Server instance.

Open SQL Server Configuration Manager from the Windows Start menu or by entering "SQLServerManager12.msc" in a Command Prompt window or in the Run dialog box. Select SQL Server Network Configuration >> Protocols for <instance name>. Review the list of protocols.

If any that are not required are shown as enabled, this is a finding.

Vulnerability Number

V-67905

Documentable

False

Rule Version

SQL4-00-034200

Severity Override Guidance

Review the system security plan to determine the communication protocols used by the SQL Server instance.

Open SQL Server Configuration Manager from the Windows Start menu or by entering "SQLServerManager12.msc" in a Command Prompt window or in the Run dialog box. Select SQL Server Network Configuration >> Protocols for <instance name>. Review the list of protocols.

If any that are not required are shown as enabled, this is a finding.

Check Content Reference

M

Target Key

2639

Comments