Detections
Analytics

CIS Sybase 15.0 L1 DB v1.1.0

Audit Details

Name: CIS Sybase 15.0 L1 DB v1.1.0

Updated: 6/27/2023

Authority: CIS

Plugin: SybaseDB

Revision: 1.0

Estimated Item Count: 35

File Details

Filename: CIS_Sybase_15_0_v1_1_0_L1_Database.audit

Size: 61.5 kB

MD5: 81127b27feaba96175aebc04012bf71f
SHA256: 1ce9ca02546c335eba20a6bc8638e9dc82a0da6f0fae6542d70b154f340f15a0

Audit Items

DescriptionCategories
1.1 Select an appropriate authentication mechanism - LDAP User Auth
1.1 Select an appropriate authentication mechanism - PAM User Auth
1.1 Select an appropriate authentication mechanism - use security services
1.3 Store password hashes using SHA-256 only
1.4 Secure the sa account
1.5 Remove unused accounts and change default passwords
1.11 Conceal Sensitive Input to isql
2.2 Enable message integrity
2.3 Enable message confidentiality
2.4 Enable network password encryption

IDENTIFICATION AND AUTHENTICATION

2.5.1 Enable password encryption

IDENTIFICATION AND AUTHENTICATION

3.1.1 Set an appropriate default database for all users
3.1.2 Restrict use of set proxy
3.3.1 Avoid use of grant all
3.4 Revoke default permissions for the public role
3.5 Ensure updates to system tables are not permitted
3.5.1 Protect database object text in syscomments
3.6.1 Ensure a strong system encryption password is set
4.2 Enabling resource limits
4.3 Enable auditing - auditing of security-related events

AUDIT AND ACCOUNTABILITY

4.3 Enable auditing - sp_configure 'auditing'

AUDIT AND ACCOUNTABILITY

4.6 Review audit queue size
4.8 Log successful and failed login attempt - failure
4.8 Log successful and failed login attempt - success
5.1 Ensure Java is disabled

CONFIGURATION MANAGEMENT

5.2 Ensure External File System Access is disabled - enable cis
5.2 Ensure External File System Access is disabled - enable file access
6.1 Password protect database backups
6.3 Install on a dedicated server
6.4 Maintain an inventory of all ASE instances
6.5 Ensure ASE server names do not disclose sensitive information
6.6 Remove sample databases if installed
6.7 Create separate partitions for programs and data
6.9 Harden host operating system
6.11 Keep up-to-date with Sybase security patches