| 1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in Accounts | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | ACCESS CONTROL |
| 3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in Accounts | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| AOSX-15-100001 - The macOS system must be a supported release. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
| DISA_STIG_Microsoft_Windows_2012_Server_DNS_v2r7.audit from DISA Microsoft Windows 2012 Server Domain Name System v2r7 STIG | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | |
| SQL2-00-016200 - SQL Server must have the publicly available NorthWind sample database removed. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-016300 - SQL Server must have the publicly available AdventureWorks sample database removed. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-019800 - SQL Server must employ NSA-approved cryptography to protect classified information. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-020200 - SQL Server must protect the integrity of publicly available information and SQL Servers configuration from unauthorized User Mapping access. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - APPLICATION_ROLE_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - BACKUP_RESTORE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - DATABASE_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - DATABASE_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - DATABASE_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - DATABASE_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - DATABASE_PRINCIPAL_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - DATABASE_PRINCIPAL_IMPERSONATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - DBCC_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 47 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 82 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 83 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 84 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 85 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 86 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 89 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 116 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 117 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 118 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 128 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 130 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 131 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 173 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 175 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 177 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - LOGIN_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - LOGOUT_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SCHEMA_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SCHEMA_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_OPERATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_PRINCIPAL_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_PRINCIPAL_IMPERSONATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SUCCESSFUL_LOGIN_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
