DISA STIG SQL Server 2012 DB Instance Security v1r20

Audit Details

Name: DISA STIG SQL Server 2012 DB Instance Security v1r20

Updated: 6/27/2023

Authority: DISA STIG

Plugin: MS_SQLDB

Revision: 1.0

Estimated Item Count: 553

File Details

Filename: DISA_STIG_MSSQL_2012_Instance_Database_v1r20.audit

Size: 1.35 MB

MD5: 8b908863b27b58fd6f626e80857cca01

SHA256: d64a64fb788d9994bc7b4ec4508040744cf527911b41e18ac62f25af18c9a587

Audit Items

Description	Categories
DISA_STIG_MSSQL_2012_Instance-DB_v1r20.audit from DISA Microsoft SQL Server Instance 2012 v1r20 STIG
SQL2-00-000100 - The number of concurrent SQL Server sessions for each system account must be limited.	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 14'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 15'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 18'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 20'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 102'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 103'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 104'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 105'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 106'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 107'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 108'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 109'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 110'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 111'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 112'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 113'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 115'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 116'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 117'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 118'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 128'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 129'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 130'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 131'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 132'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 133'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 134'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 135'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 152'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 153'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 170'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 171'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 172'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 173'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 175'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 176'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 177'	ACCESS CONTROL
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 178'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 14'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 15'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 18'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 20'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 102'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 103'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 104'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 105'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 106'	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 107'	ACCESS CONTROL

Detections

Analytics

DISA STIG SQL Server 2012 DB Instance Security v1r20

Audit Details

File Details

Audit Items