DISA STIG SQL Server 2012 Database Audit v1r20

Audit Details

Name: DISA STIG SQL Server 2012 Database Audit v1r20

Updated: 6/17/2024

Authority: DISA STIG

Plugin: MS_SQLDB

Revision: 1.1

Estimated Item Count: 66

File Details

Filename: DISA_STIG_MSSQL_2012_DBMS_Database_v1r20.audit

Size: 153 kB

MD5: f25306ee4b709ff0025c76b961b476e8
SHA256: fb8ab2e4debe1fc2703ea025c54519838e7e4b3b33b723b6433d610a8d70683c

Audit Items

DescriptionCategories
DISA_STIG_MSSQL_2012_Database_v1r20.audit from DISA Microsoft SQL Server Instance 2012 v1r20 STIG
SQL2-00-000300 - SQL Server must maintain and support organization-defined security labels on stored information.

ACCESS CONTROL

SQL2-00-000400 - SQL Server must maintain and support organization-defined security labels on information in process.

ACCESS CONTROL

SQL2-00-000500 - SQL Server must maintain and support organization-defined security labels on data in transmission.

ACCESS CONTROL

SQL2-00-000900 - SQL Server must allow authorized users to associate security labels to information in the database.

ACCESS CONTROL

SQL2-00-009200 - SQL Server must be protected from unauthorized access by developers.

ACCESS CONTROL

SQL2-00-009300 - SQL Server must be protected from unauthorized access by developers on shared production/development host systems.

ACCESS CONTROL

SQL2-00-009500 - Administrative privileges, built-in server roles and built-in database roles must be assigned to the DBMS login accounts that require them via custom roles, and not directly.

ACCESS CONTROL

SQL2-00-011050 - SQL Server utilizing Discretionary Access Control (DAC) must enforce a policy that limits propagation of access rights.

ACCESS CONTROL

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 14'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 15'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 18'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 20'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 102'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 103'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 104'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 105'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 106'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 107'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 108'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 109'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 110'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 111'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 112'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 113'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 115'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 116'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 117'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 118'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 128'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 129'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 130'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 131'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 132'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 133'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 134'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 135'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 152'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 153'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 170'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 171'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 172'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 173'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 175'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 176'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 177'

AUDIT AND ACCOUNTABILITY

SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 178'

AUDIT AND ACCOUNTABILITY

SQL2-00-014900 - SQL Server must be monitored to discover unauthorized changes to functions.

CONFIGURATION MANAGEMENT

SQL2-00-015100 - SQL Server must be monitored to discover unauthorized changes to triggers.

CONFIGURATION MANAGEMENT

SQL2-00-015200 - SQL Server must be monitored to discover unauthorized changes to stored procedures.

CONFIGURATION MANAGEMENT