SQL6-D0-009900 - SQL Server must prevent unauthorized and unintended information transfer via shared system resources.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the information system. Control of information in shared resources is also referred to as object reuse.

Solution

If IFI is not documented as being required, disable instant file initialization for the instance of SQL Server by removing the SQL Service SID and/or service account from the 'Perform volume maintenance tasks' Local Rights Assignment.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_SQL_Server_2016_Y22M10_STIG.zip

Item Details

References: CAT|II, CCI|CCI-001090, Rule-ID|SV-213976r754621_rule, STIG-ID|SQL6-D0-009900, STIG-Legacy|SV-93919, STIG-Legacy|V-79213, Vuln-ID|V-213976

Plugin: Windows

Control ID: 57c0c4ee6e6e8d6b4508ba0bf3648ea0199238904803464ea045ad76724877fc