STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020:

The SQL Server Browser service must be disabled if its use is not necessary..

DISA Rule

SV-85245r1_rule

Vulnerability Number

V-70623

Group Title

SRG-APP-000516-DB-999900

Rule Version

SQL4-00-039100

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

If SQL Server Browser is needed, document the justification and obtain the appropriate approvals.

Where SQL Server Browser is judged unnecessary, in the Services tool, double-click on "SQL Server Browser" to open its "Properties" dialog.

Set Startup Type to "Disabled".

If Service Status is "Running", click on "Stop".

Click on "OK".

Check Contents

If the need for the SQL Server Browser service is documented, with appropriate approval, this is not a finding.

Open the Services tool.

Either navigate, via the Windows Start Menu and/or Control Panel, to "Administrative Tools", and select "Services"; or at a command prompt, type "services.msc" and press the "Enter" key.

Scroll to "SQL Server Browser".

If its Startup Type is not shown as "Disabled", this is a finding.

Vulnerability Number

V-70623

Documentable

False

Rule Version

SQL4-00-039100

Severity Override Guidance

If the need for the SQL Server Browser service is documented, with appropriate approval, this is not a finding.

Open the Services tool.

Either navigate, via the Windows Start Menu and/or Control Panel, to "Administrative Tools", and select "Services"; or at a command prompt, type "services.msc" and press the "Enter" key.

Scroll to "SQL Server Browser".

If its Startup Type is not shown as "Disabled", this is a finding.

Check Content Reference

M

Target Key

2639

Comments