SV-93527r1_rule
V-78821
SRG-APP-000439
TANS-SV-000100
CAT II
10
Access the Tanium SQL Server interactively.
Log on with an account with administrative privileges to the server.
Access the server's registry by typing: "regedit". Press "Enter".
Navigate to: HKEY_LOCAL_MACHINE >> SYSTEM >> CurrentControlSet >> Control >> SecurityProviders >> SCHANNEL >> Protocols >> TLS 1.2 >> Server
Right-click in the right window pane.
Select: New >> DWORD (32-bit) Value
In the "Name" field, enter "DisabledByDefault". Press "Enter".
Right-click on the newly created "Name" and select "Modify..."
Leave default value of "0" in "Value data:" and ensure that under "Base" the "Hexadecimal" radio button is selected. Click "OK".
Right-click in the right window pane.
Select: New >> DWORD (32-bit) Value
In the "Name" field, enter "Enabled". Press "Enter".
Right-click on the newly created "Name" and select "Modify..."
Enter "1" in "Value data:" and ensure that under "Base" the "Hexadecimal" radio button is selected. Click "OK".
Access the Tanium SQL Server interactively.
Log on with an account with administrative privileges to the server.
Access the server's registry by typing: "regedit". Press "Enter".
Navigate to: HKEY_LOCAL_MACHINE >> SYSTEM >> CurrentControlSet >> Control >> SecurityProviders >> SCHANNEL >> Protocols >> TLS 1.2 >> Server
Name: DisabledByDefault
Type: REG_DWORD
Data: 0x0000000 (hex)
If the value for "DisabledByDefault" is not set to "0" and "Type" is not configured to "REG_DWORD" or does not exist, this is a finding.
Name: Enabled
Type: REG_DWORD
Data: 0x00000001 (hex)
If the value for "Enabled" is not set to "1" and "Type" is not configured to "REG_DWORD" or does not exist, this is a finding.
V-78821
False
TANS-SV-000100
Access the Tanium SQL Server interactively.
Log on with an account with administrative privileges to the server.
Access the server's registry by typing: "regedit". Press "Enter".
Navigate to: HKEY_LOCAL_MACHINE >> SYSTEM >> CurrentControlSet >> Control >> SecurityProviders >> SCHANNEL >> Protocols >> TLS 1.2 >> Server
Name: DisabledByDefault
Type: REG_DWORD
Data: 0x0000000 (hex)
If the value for "DisabledByDefault" is not set to "0" and "Type" is not configured to "REG_DWORD" or does not exist, this is a finding.
Name: Enabled
Type: REG_DWORD
Data: 0x00000001 (hex)
If the value for "Enabled" is not set to "1" and "Type" is not configured to "REG_DWORD" or does not exist, this is a finding.
M
3215