DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB

Audit Details

Name: DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB

Updated: 6/2/2026

Authority: DISA STIG

Plugin: MS_SQLDB

Revision: 1.1

Estimated Item Count: 69

File Details

Filename: DISA_STIG_MSSQL_2016_Instance_Database_v3r6.audit

Size: 248 kB

MD5: 725651d74cd88ffa39578021cc2bdc81
SHA256: 7d451cc3a230eb426310360ac4dc756e2d11118ce3362ad6597e485183560ff1

Audit Changelog

 
Revision 1.1

Jun 2, 2026

Miscellaneous
  • Metadata updated.
  • See also link updated.
Removed
  • SQL6-D0-007800 - SQL Server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
  • SQL6-D0-011900 - SQL Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.
  • SQL6-D0-012900 - SQL Server must be able to generate audit records when successful and unsuccessful attempts to access security objects occur.
  • SQL6-D0-013200 - SQL Server must generate audit records when successful and unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur.
  • SQL6-D0-014000 - SQL Server must generate audit records when successful and unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur.
  • SQL6-D0-014400 - SQL Server must generate audit records when successful and unsuccessful attempts to delete security objects occur.
  • SQL6-D0-014600 - SQL Server must generate audit records when successful and unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur.
  • SQL6-D0-014900 - SQL Server must generate audit records for all privileged activities or other system-level access.
  • SQL6-D0-015000 - SQL Server must generate audit records when unsuccessful attempts to execute privileged activities or other system-level access occur.
  • SQL6-D0-015100 - SQL Server must generate audit records showing starting and ending time for user access to the database(s).
  • SQL6-D0-015200 - SQL Server must generate audit records when concurrent logons/connections by the same user from different workstations occur.
  • SQL6-D0-015400 - SQL Server must generate audit records when successful and unsuccessful accesses to objects occur.