| DISA_STIG_MSSQL_2014_Instance-OS_v2r4.audit from DISA MS SQL Server 2014 Instance v2r4 STIG | |
| SQL4-00-014000 - SQL Server and/or the operating system must protect its audit configuration from unauthorized modification. | AUDIT AND ACCOUNTABILITY |
| SQL4-00-014100 - SQL Server and the operating system must protect SQL Server audit features from unauthorized removal. | AUDIT AND ACCOUNTABILITY |
| SQL4-00-015350 - Software, applications, and configuration files that are part of, or related to, the SQL Server installation must be monitored to discover unauthorized changes. | CONFIGURATION MANAGEMENT |
| SQL4-00-015400 - SQL Server software installation account(s) must be restricted to authorized users. | CONFIGURATION MANAGEMENT |
| SQL4-00-015500 - Database software directories, including SQL Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | CONFIGURATION MANAGEMENT |
| SQL4-00-016500 - SQL Server must have the SQL Server Data Tools (SSDT) software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016600 - SQL Server must have the SQL Server Reporting Services (SSRS) software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016700 - SQL Server must have the SQL Server Integration Services (SSIS) software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016800 - SQL Server must have the SQL Server Analysis Services (SSAS) software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016805 - SQL Server must have the SQL Server Distributed Replay Client software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016810 - SQL Server must have the SQL Server Distributed Replay Controller software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016815 - SQL Server must have the Full-Text Search software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016820 - SQL Server must have the Master Data Services software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016826 - SQL Server must have the SQL Server Replication software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016830 - SQL Server must have the Data Quality Client software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016845 - SQL Server must have the Client Tools SDK software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-016850 - SQL Server must have the Management Tools software component removed if it is unused. | CONFIGURATION MANAGEMENT |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-033600 - SQL Server must produce time stamps that can be mapped to Coordinated Universal Time (UTC, formerly GMT). | AUDIT AND ACCOUNTABILITY |
| SQL4-00-034200 - SQL Server must disable communication protocols not required for operation. | CONFIGURATION MANAGEMENT |
| SQL4-00-034800 - SQL Server must implement and/or support cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components. | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-035400 - Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs). | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary.. | CONFIGURATION MANAGEMENT |
