| EP11-00-001200 - The EDB Postgres Advanced Server must generate audit records for DoD-defined auditable events. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| EP11-00-001400 - The EDB Postgres Advanced Server must initiate support of session auditing upon startup. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EP11-00-003300 - The EDB Postgres Advanced Server software installation account must be restricted to authorized users. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EP11-00-003700 - Default, demonstration and sample databases, database objects, and applications must be removed. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EP11-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-006600 - The EDB Postgres Advanced Server must reveal detailed error messages only to the ISSO, ISSM, SA, and DBA. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 ior 140-3 nstallation of OpenSSL. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SQL2-00-000300 - SQL Server must maintain and support organization-defined security labels on stored information. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-009500 - Administrative privileges, built-in server roles and built-in database roles must be assigned to the DBMS login accounts that require them via custom roles, and not directly. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 104' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 117' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 118' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 128' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 131' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 153' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-016900 - Unused database components and database objects must be removed. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-017510 - Appropriate staff must be alerted when the amount of storage space used by the SQL Server transaction log file(s) exceeds an organization-defined value - s exceeds an organization-defined value. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONTINGENCY PLANNING |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - DBCC_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 17 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 20 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 42 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 104 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 105 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 107 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 116 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 117 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 134 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 135 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 152 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 175 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - LOGIN_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_PRINCIPAL_IMPERSONATION_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-015620 - In a database owned by a login not having administrative privileges at the instance level, the database property TRUSTWORTHY must be OFF unless required and authorized. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-021210 - In the event of a system failure, SQL Server must preserve any information necessary to return to operations with least disruption to mission processes. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-021800 - Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-022800 - The DBMS and associated applications must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-031500 - The DBMS and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-035200 - When invalid inputs are received, SQL Server must behave in a predictable and documented manner that reflects organizational and system objectives. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 83 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 43 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
