Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-003014
CCI
CCI|CCI-003014
Title
Enforce organization-defined mandatory access control policies over all subjects and objects.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
SQL2-00-002200 - SQL Server must enforce non-DAC policies over users and resources where the policy rule set for each policy specifies access control information (i.e., position, nationality, age, project, time of day) - 'server permissions'
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-002300 - SQL Server must enforce access control policies to restrict Alter server state permissions to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-002400 - SQL Server must enforce access control policies to restrict the Alter any event session permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-002500 - SQL Server must enforce access control policies to restrict the Alter any event notification permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-002600 - SQL Server must enforce access control policies to restrict the Alter any endpoint permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-002700 - SQL Server must enforce access control policies to restrict the Alter any database permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-002800 - SQL Server must enforce access control policies to restrict the Alter any credential permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-002900 - SQL Server must enforce access control policies to restrict the Alter any connection permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003000 - SQL Server must not grant users direct access to the View any definition permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003100 - SQL Server must not grant users direct access to the Alter any server role permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003200 - SQL Server must not grant users direct access to the View server state permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003300 - SQL Server must enforce access control policies to restrict the Create any database permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003400 - SQL Server must enforce access control policies to restrict the Authenticate server permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003500 - SQL Server must enforce access control policies to restrict the Alter Settings permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003600 - SQL Server must enforce access control policies to restrict the Alter any server role permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003700 - SQL Server must not grant users direct access to the Create server role permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003800 - SQL Server must enforce access control policies to restrict the Control server permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-003900 - SQL Server must not grant users direct access to the Unsafe assembly permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004000 - SQL Server must enforce access control policies to restrict the Alter trace permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004100 - SQL Server must enforce access control policies to restrict the View server state permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004200 - SQL Server must not grant users direct access control to the Shutdown permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004300 - SQL Server must enforce access control policies to restrict the Alter any linked server permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004500 - SQL Server must enforce access control policies to restrict the Alter any login permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004600 - SQL Server must enforce access control policies to restrict the Alter any availability group permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004700 - SQL Server must not grant users direct access to the Alter any login permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004800 - SQL Server must not grant users direct access to the External access assembly permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-004900 - SQL Server must not grant users direct access to the Alter resources permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005000 - SQL Server must not grant users direct access to the Create trace event notification permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005100 - SQL Server must not grant users direct access to the Alter Settings permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005200 - SQL Server must not grant users direct access to the Alter trace permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005300 - SQL Server must not grant users direct control to the Alter any event session permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005500 - SQL Server must not grant users direct access to the Alter any linked server permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005600 - SQL Server must enforce access control policies to restrict the Alter resources permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005700 - SQL Server must enforce access control policies to restrict the Administer bulk operations permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005800 - SQL Server must not grant users direct access to the Control server permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-005900 - SQL Server must not grant users direct access to the Create any database permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006000 - SQL Server must not grant users direct access to the Create availability group permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006100 - SQL Server must not grant users direct access to the Create DDL event notification permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006200 - SQL Server must not grant users direct access to the Create endpoint permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006300 - SQL Server must not grant users direct access to the Administer bulk operations permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006400 - SQL Server must not grant users direct access to the Authenticate server permission.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006500 - SQL Server must enforce access control policies to restrict the View any definition permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006600 - SQL Server must enforce access control policies to restrict the Alter any server audit permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006700 - SQL Server must enforce access control policies to restrict the Create availability group permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006800 - SQL Server must enforce access control policies to restrict the Create DDL event notification permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-006900 - SQL Server must enforce access control policies to restrict the Create endpoint permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-007000 - SQL Server must enforce access control policies to restrict the Create server role permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-007100 - SQL Server must enforce access control policies to restrict the Create trace event notification permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-007200 - SQL Server must enforce access control policies to restrict the External access assembly permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-007300 - SQL Server must enforce access control policies to restrict the Shutdown permission to only authorized roles.
MS_SQLDB
DISA STIG SQL Server 2012 DB Instance Security v1r20