Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'CIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.3.3 Verify Display Sleep is set to a value larger than the Screen SaverCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0'CIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.13 Ensure 'sa' Login Account is set to 'Disabled'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL

3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode' - Windows Authentication modeCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in AccountsCIS Microsoft SQL Server 2019 v1.5.2 L1 Database EngineMS_SQLDB

ACCESS CONTROL

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

ACCESS CONTROL

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

ACCESS CONTROL

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDSMS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS Microsoft SQL Server 2019 v1.5.2 L1 Database EngineMS_SQLDB

IDENTIFICATION AND AUTHENTICATION

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

6.5 Ensure That Cloud SQL Database Instances Do Not Implicitly Whitelist All Public IP AddressesCIS Google Cloud Platform Foundation v4.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION

7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databasesCIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CIS VMware ESXi 6.5 v1.0.0 Level 2CIS VMware ESXi 6.5 v1.0.0 Level 2VMware
SQL2-00-009900 - OS and domain accounts utilized to run external procedures called by SQL Server must have limited privileges.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL2-00-016600 - SQL Server must have the SQL Server Reporting Service (SSRS) software component removed from SQL Server if SSRS is unused.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL2-00-016800 - SQL Server must have the SQL Server Analysis Service (SSAS) software component removed from SQL Server if SSAS is unused.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL2-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

CONFIGURATION MANAGEMENT

SQL4-00-011300 - Where SQL Server Trace is in use for auditing purposes, SQL Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be traced.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 42DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 90DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 84DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 105DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 110DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 111DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 171DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 172DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - SERVER_OBJECT_OWNERSHIP_CHAN...DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 84DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 162DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - Event ID 14DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 42DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 43DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 84DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 86DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 87DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 88DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 89DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 90DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-005600 - SQL Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure.DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDBMS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL6-D0-007300 - Access to CLR code must be disabled or restricted, unless specifically required and approved.DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDBMS_SQLDB

CONFIGURATION MANAGEMENT