| Checked | Name | Title |
|---|
| ☐ | SV-213929r617437_rule | SQL Server must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. |
| ☐ | SV-213930r617437_rule | SQL Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. |
| ☐ | SV-213931r617437_rule | SQL Server must be configured to utilize the most-secure authentication method available. |
| ☐ | SV-213932r617437_rule | SQL Server must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
| ☐ | SV-213933r617437_rule | SQL Server must protect against a user falsely repudiating by ensuring all accounts are individual, unique, and not shared. |
| ☐ | SV-213934r617437_rule | SQL Server must protect against a user falsely repudiating by ensuring the NT AUTHORITY SYSTEM account is not used for administration. |
| ☐ | SV-213935r617437_rule | SQL Server must protect against a user falsely repudiating by ensuring only clearly unique Active Directory user accounts can connect to the instance. |
| ☐ | SV-213936r617437_rule | SQL Server must be configured to generate audit records for DoD-defined auditable events within all DBMS/database components. |
| ☐ | SV-213937r617437_rule | SQL Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. |
| ☐ | SV-213938r617437_rule | SQL Server must generate audit records when privileges/permissions are retrieved. |
| ☐ | SV-213939r617437_rule | SQL Server must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. |
| ☐ | SV-213940r617437_rule | SQL Server must initiate session auditing upon startup. |
| ☐ | SV-213941r617437_rule | SQL Server must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. |
| ☐ | SV-213942r617437_rule | SQL Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. |
| ☐ | SV-213943r617437_rule | SQL Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records. |
| ☐ | SV-213944r617437_rule | The audit information produced by SQL Server must be protected from unauthorized access, modification, and deletion. |
| ☐ | SV-213947r617437_rule | SQL Server must protect its audit features from unauthorized access. |
| ☐ | SV-213948r617437_rule | SQL Server must protect its audit configuration from unauthorized modification. |
| ☐ | SV-213949r617437_rule | SQL Server must protect its audit features from unauthorized removal. |
| ☐ | SV-213950r617437_rule | SQL Server must limit privileges to change software modules and links to software external to SQL Server. |
| ☐ | SV-213951r617437_rule | SQL Server must limit privileges to change software modules, to include stored procedures, functions and triggers, and links to software external to SQL Server. |
| ☐ | SV-213952r617437_rule | SQL Server software installation account must be restricted to authorized users. |
| ☐ | SV-213953r617437_rule | Database software, including DBMS configuration files, must be stored in dedicated directories, separate from the host OS and other applications. |
| ☐ | SV-213954r617437_rule | Default demonstration and sample databases, database objects, and applications must be removed. |
| ☐ | SV-213955r617437_rule | Unused database components, DBMS software, and database objects must be removed. |
| ☐ | SV-213956r617437_rule | Unused database components that are integrated in SQL Server and cannot be uninstalled must be disabled. |
| ☐ | SV-213957r617437_rule | Access to xp_cmdshell must be disabled, unless specifically required and approved. |
| ☐ | SV-213958r617437_rule | Access to CLR code must be disabled or restricted, unless specifically required and approved. |
| ☐ | SV-213959r617437_rule | Access to Non-Standard extended stored procedures must be disabled or restricted, unless specifically required and approved. |
| ☐ | SV-213960r617437_rule | Access to linked servers must be disabled or restricted, unless specifically required and approved. |
| ☐ | SV-213961r617437_rule | SQL Server must be configured to prohibit or restrict the use of organization-defined protocols as defined in the PPSM CAL and vulnerability assessments. |
| ☐ | SV-213962r617437_rule | SQL Server must be configured to prohibit or restrict the use of organization-defined ports, as defined in the PPSM CAL and vulnerability assessments. |
| ☐ | SV-213963r617437_rule | SQL Server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). |
| ☐ | SV-213964r617437_rule | If DBMS authentication, using passwords, is employed, SQL Server must enforce the DoD standards for password complexity and lifetime. |
| ☐ | SV-213965r617437_rule | Contained databases must use Windows principals. |
| ☐ | SV-213966r667311_rule | If passwords are used for authentication, SQL Server must transmit only encrypted representations of passwords. |
| ☐ | SV-213967r617437_rule | Confidentiality of controlled information during transmission through the use of an approved TLS version. |
| ☐ | SV-213968r617437_rule | SQL Server must enforce authorized access to all PKI private keys stored/utilized by SQL Server. |
| ☐ | SV-213969r617437_rule | SQL Server must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. |
| ☐ | SV-213970r617437_rule | SQL Server must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users). |
| ☐ | SV-213971r617437_rule | SQL Server must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values. |
| ☐ | SV-213972r617437_rule | SQL Server must protect the confidentiality and integrity of all information at rest. |
| ☐ | SV-213973r617437_rule | The Service Master Key must be backed up, stored offline and off-site. |
| ☐ | SV-213974r617437_rule | The Master Key must be backed up, stored offline and off-site. |
| ☐ | SV-213975r617437_rule | SQL Server must prevent unauthorized and unintended information transfer via shared system resources. |
| ☐ | SV-213976r617437_rule | SQL Server must prevent unauthorized and unintended information transfer via shared system resources. |
| ☐ | SV-213977r617437_rule | Access to database files must be limited to relevant processes and to authorized, administrative users. |
| ☐ | SV-213978r617437_rule | SQL Server must reveal detailed error messages only to the ISSO, ISSM, SA, and DBA. |
| ☐ | SV-213979r617437_rule | SQL Server must prevent non-privileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures. |
| ☐ | SV-213980r617437_rule | Use of credentials and proxies must be restricted to necessary cases only. |
| ☐ | SV-213981r617437_rule | SQL Server must utilize centralized management of the content captured in audit records generated by all components of SQL Server. |
| ☐ | SV-213982r617437_rule | SQL Server must provide centralized configuration of the content to be captured in audit records generated by all components of SQL Server. |
| ☐ | SV-213983r617437_rule | SQL Server must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. |
| ☐ | SV-213984r617437_rule | SQL Server must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity. |
| ☐ | SV-213985r617437_rule | SQL Server must provide an immediate real-time alert to appropriate support staff of all audit log failures. |
| ☐ | SV-213986r617437_rule | SQL Server must record time stamps in audit records and application data that can be mapped to Coordinated Universal Time (UTC, formerly GMT). |
| ☐ | SV-213987r617437_rule | SQL Server must enforce access restrictions associated with changes to the configuration of the instance. |
| ☐ | SV-213988r617437_rule | Windows must enforce access restrictions associated with changes to the configuration of the SQL Server instance. |
| ☐ | SV-213989r617437_rule | SQL Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of SQL Server or database(s). |
| ☐ | SV-213990r617437_rule | SQL Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance. |
| ☐ | SV-213991r617437_rule | SQL Server must maintain a separate execution domain for each executing process. |
| ☐ | SV-213992r617437_rule | SQL Server services must be configured to run under unique dedicated user accounts. |
| ☐ | SV-213993r617437_rule | When updates are applied to SQL Server software, any software components that have been replaced or made unnecessary must be removed. |
| ☐ | SV-213994r617437_rule | Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs). |
| ☐ | SV-213995r617437_rule | SQL Server must be able to generate audit records when security objects are accessed. |
| ☐ | SV-213996r617437_rule | SQL Server must generate audit records when unsuccessful attempts to access security objects occur. |
| ☐ | SV-213997r617437_rule | SQL Server must generate audit records when categorized information (e.g., classification levels/security levels) is accessed. |
| ☐ | SV-213998r617437_rule | SQL Server must generate audit records when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. |
| ☐ | SV-213999r617437_rule | SQL Server must generate audit records when privileges/permissions are added. |
| ☐ | SV-214000r617437_rule | SQL Server must generate audit records when unsuccessful attempts to add privileges/permissions occur. |
| ☐ | SV-214001r617437_rule | SQL Server must generate audit records when privileges/permissions are modified. |
| ☐ | SV-214002r617437_rule | SQL Server must generate audit records when unsuccessful attempts to modify privileges/permissions occur. |
| ☐ | SV-214003r617437_rule | SQL Server must generate audit records when security objects are modified. |
| ☐ | SV-214004r617437_rule | SQL Server must generate audit records when unsuccessful attempts to modify security objects occur. |
| ☐ | SV-214005r617437_rule | SQL Server must generate audit records when categorized information (e.g., classification levels/security levels) is modified. |
| ☐ | SV-214006r617437_rule | SQL Server must generate audit records when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. |
| ☐ | SV-214007r617437_rule | SQL Server must generate audit records when privileges/permissions are deleted. |
| ☐ | SV-214008r617437_rule | SQL Server must generate audit records when unsuccessful attempts to delete privileges/permissions occur. |
| ☐ | SV-214009r617437_rule | SQL Server must generate audit records when security objects are deleted. |
| ☐ | SV-214010r617437_rule | SQL Server must generate audit records when unsuccessful attempts to delete security objects occur. |
| ☐ | SV-214011r617437_rule | SQL Server must generate audit records when categorized information (e.g., classification levels/security levels) is deleted. |
| ☐ | SV-214012r617437_rule | SQL Server must generate audit records when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. |
| ☐ | SV-214013r617437_rule | SQL Server must generate audit records when successful logons or connections occur. |
| ☐ | SV-214014r617437_rule | SQL Server must generate audit records when unsuccessful logons or connection attempts occur. |
| ☐ | SV-214015r617437_rule | SQL Server must generate audit records for all privileged activities or other system-level access. |
| ☐ | SV-214016r617437_rule | SQL Server must generate audit records when unsuccessful attempts to execute privileged activities or other system-level access occur. |
| ☐ | SV-214017r617437_rule | SQL Server must generate audit records showing starting and ending time for user access to the database(s). |
| ☐ | SV-214018r617437_rule | SQL Server must generate audit records when concurrent logons/connections by the same user from different workstations occur. |
| ☐ | SV-214019r617437_rule | SQL Server must generate audit records when successful accesses to objects occur. |
| ☐ | SV-214020r617437_rule | SQL Server must generate audit records when unsuccessful accesses to objects occur. |
| ☐ | SV-214021r617437_rule | SQL Server must generate audit records for all direct access to the database(s). |
| ☐ | SV-214022r617437_rule | SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. |
| ☐ | SV-214023r617437_rule | SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. |
| ☐ | SV-214024r617437_rule | SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. |
| ☐ | SV-214025r617437_rule | The system SQL Server must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. |
| ☐ | SV-214026r617437_rule | SQL Server must configure Customer Feedback and Error Reporting. |
| ☐ | SV-214027r617437_rule | SQL Server must configure SQL Server Usage and Error Reporting Auditing. |
| ☐ | SV-214028r617437_rule | The SQL Server default account [sa] must be disabled. |
| ☐ | SV-214029r617437_rule | SQL Server default account [sa] must have its name changed. |
| ☐ | SV-214030r617437_rule | Execution of startup stored procedures must be restricted to necessary cases only. |
| ☐ | SV-214031r617437_rule | SQL Server Mirroring endpoint must utilize AES encryption. |
| ☐ | SV-214032r617437_rule | SQL Server Service Broker endpoint must utilize AES encryption. |
| ☐ | SV-214033r617437_rule | SQL Server execute permissions to access the registry must be revoked, unless specifically required and approved. |
| ☐ | SV-214034r617437_rule | Filestream must be disabled, unless specifically required and approved. |
| ☐ | SV-214035r617437_rule | Ole Automation Procedures feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214036r617437_rule | SQL Server User Options feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214037r617437_rule | Remote Access feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214038r617437_rule | Hadoop Connectivity feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214039r617437_rule | Allow Polybase Export feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214040r617437_rule | Remote Data Archive feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214041r617437_rule | SQL Server External Scripts Enabled feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214042r617437_rule | The SQL Server Browser service must be disabled unless specifically required and approved. |
| ☐ | SV-214043r617437_rule | SQL Server Replication Xps feature must be disabled, unless specifically required and approved. |
| ☐ | SV-214044r617437_rule | If the SQL Server Browser Service is specifically required and approved, SQL instances must be hidden. |
| ☐ | SV-214045r617437_rule | When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password. |
| ☐ | SV-214046r617437_rule | Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. |
STIGQter: STIG Summary: