| 2.4 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server. | CIS Microsoft SharePoint 2019 DB v1.0.0 | MS_SQLDB | |
| 2.5 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server - db_owner | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' | CIS SQL Server 2016 Database L1 OS v1.4.0 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' | CIS SQL Server 2017 Database L1 OS v1.3.0 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' | CIS SQL Server 2022 Database L1 OS v1.1.0 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode' | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| Huawei: Set 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set 'shell' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set appropriate 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set System Name | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| O112-C2-008200 - The DBMS itself, or the logging or alerting mechanism the application utilizes, must provide a warning when allocated audit record storage volume reaches an organization-defined percentage of maximum audit record storage capacity. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-017000 - Unused database components that are integrated in SQL Server and cannot be uninstalled must be disabled. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-012100 - SQL Server must produce Trace or Audit records containing sufficient information to establish the sources (origins) of the events - origins of the events. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-012300 - SQL Server must produce Trace or Audit records containing sufficient information to establish the identity of any user/subject associated with the event. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-016700 - SQL Server must have the SQL Server Integration Services (SSIS) software component removed if it is unused. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| SQL4-00-017000 - Unused database components that are integrated in SQL Server and cannot be uninstalled must be disabled. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-030600 - Where availability is paramount, the SQL Server must continue processing (preferably overwriting existing records, oldest first), in the event of lack of space for more Audit/Trace log records; and must keep processing after any failure of an Audit/Trace. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - APPLICATION_ROLE_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - AUDIT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_OPERATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DBCC_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 104 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 111 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 116 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 117 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 131 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 133 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - TRACE_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-035500 - Software updates to SQL Server must be tested before being applied to production systems. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 43 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 84 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 85 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 86 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
