7.7 Secure SQLADM Authority

Information

The SQLADM authority is required to monitor, tune, and alter SQL statements.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

1. Revoke SQLADM authority from any unauthorized users.
REVOKE SQLADM ON DATABASE FROM USER <username>

See Also

https://workbench.cisecurity.org/files/162