Detections
Analytics

DISA STIG SQL Server 2012 Database OS Audit v1r20

Audit Details

Name: DISA STIG SQL Server 2012 Database OS Audit v1r20

Updated: 2/25/2026

Authority: DISA STIG

Plugin: Windows

Revision: 1.12

Estimated Item Count: 38

File Details

Filename: DISA_STIG_MSSQL_2012_Instance-OS_v1r20.audit

Size: 174 kB

MD5: 875d2e9c431d21a0d2bfe25811dd42d4
SHA256: 75f54fcc19ba71022c471547dfac6a559b9c4e083ed0afce38a704dd9f91794a

Audit Changelog

 
Revision 1.12

Feb 25, 2026

Functional Update
  • DISA_STIG_MSSQL_2012_Instance-OS_v1r20.audit from DISA Microsoft SQL Server Instance 2012 v1r20 STIG
  • SQL2-00-009100 - A single SQL Server database connection configuration file (or a single set of credentials) must not be used to configure all database clients - or a single set of credentials must not be used to configure all clients.
  • SQL2-00-009900 - OS and domain accounts utilized to run external procedures called by SQL Server must have limited privileges.
  • SQL2-00-010000 - DBA OS or domain accounts must be granted only those host system privileges necessary for the administration of SQL Server.
  • SQL2-00-010100 - Use of the SQL Server software installation account must be restricted to SQL Server software installation.
  • SQL2-00-010600 - SQL Server must have allocated audit record storage capacity to meet the organization-defined requirements for saving audit record information.
  • SQL2-00-014600 - SQL Server must support the organizational requirement to employ automated mechanisms for enforcing access restrictions.
  • SQL2-00-015350 - Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be monitored to discover unauthorized changes.
  • SQL2-00-015355 - Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be audited.
  • SQL2-00-015400 - SQL Server software installation account(s) must be restricted to authorized users.
  • SQL2-00-015500 - Database software directories, including SQL Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications.
  • SQL2-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary.
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • References updated.
  • Variables updated.
Revision 1.11

Jun 18, 2024

Miscellaneous
  • Metadata updated.
Revision 1.10

Jun 17, 2024

Miscellaneous
  • Metadata updated.
Revision 1.9

Apr 12, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
Revision 1.8

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.7

Feb 21, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.6

Dec 7, 2022

Miscellaneous
  • Metadata updated.
Revision 1.5

Apr 25, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.4

Jul 30, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.3

Jun 17, 2021

Miscellaneous
  • Metadata updated.