Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002220
CCI
CCI|CCI-002220
Title
Define system access authorizations to support separation of duties.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
SHPT-00-000190 - SharePoint must enforce organizational requirements to implement separation of duties through assigned information access authorizations.
Windows
DISA STIG SharePoint 2010 v1r9
SHPT-00-000199 - SharePoint service accounts must be configured for separation of duties.
Windows
DISA STIG SharePoint 2010 v1r9
SQL2-00-008800 - SQL Server must enforce separation of duties through assigned information access authorizations - 'server permissions'
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-008800 - SQL Server must enforce separation of duties through assigned information access authorizations - 'user defined roles'
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Full-text Filter Daemon Launcher'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Agent'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Analysis Services'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Browser'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Distributed Replay Client'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Distributed Replay Controller'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Integration Services 11.0'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Reporting Services'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server VSS Writer'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server'
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-009000 - SQL Server must restrict access to sensitive information to authorized user roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-009100 - A single SQL Server database connection configuration file (or a single set of credentials) must not be used to configure all database clients - or a single set of credentials must not be used to configure all clients.
Windows
DISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-009200 - SQL Server must be protected from unauthorized access by developers.
MS_SQLDB
DISA STIG SQL Server 2012 Database Audit v1r20
SQL2-00-009300 - SQL Server must be protected from unauthorized access by developers on shared production/development host systems.
MS_SQLDB
DISA STIG SQL Server 2012 Database Audit v1r20
SQL2-00-009400 - SQL Server must restrict access to system tables, other configuration information, and metadata to DBAs and other authorized users.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-009500 - Administrative privileges, built-in server roles and built-in database roles must be assigned to the DBMS login accounts that require them via custom roles, and not directly.
MS_SQLDB
DISA STIG SQL Server 2012 Database Audit v1r20
