DISA STIG SQL Server 2012 Database OS Audit v1r20

Audit Details

Name: DISA STIG SQL Server 2012 Database OS Audit v1r20

Updated: 6/18/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.11

Estimated Item Count: 38

File Details

Filename: DISA_STIG_MSSQL_2012_Instance-OS_v1r20.audit

Size: 162 kB

MD5: df55f85a94282a31353bde55ed559356
SHA256: abdec2c7c3c67d45a14c7523bb842cea4b4fc72c0d001878a3cc5f06a7e42e96

Audit Items

Description | Categories
DISA_STIG_MSSQL_2012_Instance-OS_v1r20.audit from DISA Microsoft SQL Server Instance 2012 v1r20 STIG
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Full-text Filter Daemon Launcher'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Agent'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Analysis Services'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Browser'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Distributed Replay Client'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Distributed Replay Controller'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Integration Services 11.0'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Reporting Services'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server VSS Writer'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-009100 - A single SQL Server database connection configuration file (or a single set of credentials) must not be used to configure all database clients - or a single set of credentials must not be used to configure all clients.

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL2-00-009900 - OS and domain accounts utilized to run external procedures called by SQL Server must have limited privileges.

CONFIGURATION MANAGEMENT

SQL2-00-010000 - DBA OS or domain accounts must be granted only those host system privileges necessary for the administration of SQL Server.

CONFIGURATION MANAGEMENT

SQL2-00-010100 - Use of the SQL Server software installation account must be restricted to SQL Server software installation.

CONFIGURATION MANAGEMENT

SQL2-00-010600 - SQL Server must have allocated audit record storage capacity to meet the organization-defined requirements for saving audit record information.

AUDIT AND ACCOUNTABILITY

SQL2-00-013600 - SQL Server must protect audit information from any type of unauthorized access.

AUDIT AND ACCOUNTABILITY

SQL2-00-013700 - SQL Server must protect audit information from unauthorized modification.

AUDIT AND ACCOUNTABILITY

SQL2-00-013800 - SQL Server must protect audit information from unauthorized deletion.

AUDIT AND ACCOUNTABILITY

SQL2-00-014400 - SQL Server must protect the audit records generated as a result of remote access to privileged accounts and by the execution of privileged functions.

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

SQL2-00-014600 - SQL Server must support the organizational requirement to employ automated mechanisms for enforcing access restrictions.

CONFIGURATION MANAGEMENT

SQL2-00-014700 - SQL Server must support the employment of automated mechanisms supporting the auditing of the enforcement actions.

CONFIGURATION MANAGEMENT

SQL2-00-015350 - Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be monitored to discover unauthorized changes.

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

SQL2-00-015355 - Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be audited.

SYSTEM AND INFORMATION INTEGRITY

SQL2-00-015400 - SQL Server software installation account(s) must be restricted to authorized users.

CONFIGURATION MANAGEMENT

SQL2-00-015500 - Database software directories, including SQL Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications.

CONFIGURATION MANAGEMENT

SQL2-00-015800 - The OS must limit privileges to change SQL Server software resident within software libraries (including privileged programs) - '\110\Shared'

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

SQL2-00-015800 - The OS must limit privileges to change SQL Server software resident within software libraries (including privileged programs) - 'binn'

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

SQL2-00-015800 - The OS must limit privileges to change SQL Server software resident within software libraries (including privileged programs) - 'Install'

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

SQL2-00-016500 - SQL Server must have the SQL Server Data Tools (SSDT) software component removed from SQL Server if SSDT is unused.

CONFIGURATION MANAGEMENT

SQL2-00-016600 - SQL Server must have the SQL Server Reporting Service (SSRS) software component removed from SQL Server if SSRS is unused.

CONFIGURATION MANAGEMENT

SQL2-00-016700 - SQL Server must have the SQL Server Integrated Services (SSIS) software component removed from SQL Server if SSIS is unused.

CONFIGURATION MANAGEMENT

SQL2-00-016800 - SQL Server must have the SQL Server Analysis Service (SSAS) software component removed from SQL Server if SSAS is unused.

CONFIGURATION MANAGEMENT

SQL2-00-020100 - SQL Server must protect the integrity of publicly available information and applications.

CONFIGURATION MANAGEMENT

SQL2-00-025100 - The OS must limit privileges to the SQL Server Data Root directory and its subordinate directories and files.

CONFIGURATION MANAGEMENT

SQL2-00-025200 - The OS must limit privileges to the SQL Server data directories and their subordinate directories and files.

CONFIGURATION MANAGEMENT

SQL2-00-025300 - The OS must limit privileges to the SQL Server backup directories and files.

CONFIGURATION MANAGEMENT

SQL2-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary.

CONFIGURATION MANAGEMENT