STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021

SQL Server software installation account must be restricted to authorized users.

DISA Rule

SV-213952r617437_rule

Vulnerability Number

V-213952

Group Title

SRG-APP-000133-DB-000198

Rule Version

SQL6-D0-006700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

From a command prompt, open lusrmgr.msc. Navigate to Users >> right-click Individual User >> Properties >> Member Of.

Configure SQL Server and OS settings and access controls to restrict user access to objects and data that the user is authorized to view/use.

Check Contents

From the system documentation, obtain the list of accounts authorized to install/update SQL Server. Run the following PowerShell command to list all users who have installed/modified SQL Server 2016 software and compare the list against those persons who are qualified and authorized to use the software.

sl "C:\program files\microsoft sql server\130\setup bootstrap\Log"
Get-ChildItem -Recurse | Select-String -Pattern "LogonUser = "

If any accounts are shown that are not authorized in the system documentation, this is a finding.
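
The comparison step of this check can be scripted. The following is an added example, not part of the STIG text: it runs the same "LogonUser = " search, reduces the matches to distinct accounts, and flags any account missing from an authorized list. The file authorized-installers.txt (one account per line) and the parameter names are assumptions; the text after "LogonUser = " is assumed to be the account name.

```powershell
# Added example, not STIG content. $AuthorizedFile and its one-account-per-line
# format are hypothetical; populate it from the system documentation.
param(
    [string]$LogRoot = 'C:\Program Files\Microsoft SQL Server\130\Setup Bootstrap\Log',
    [string]$AuthorizedFile = '.\authorized-installers.txt'
)
$ErrorActionPreference = 'Stop'   # fail closed if the log folder or list is missing

# Authorized accounts; blank lines and lines starting with '#' are ignored.
$authorized = @(Get-Content -LiteralPath $AuthorizedFile |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ -and -not $_.StartsWith('#') })

# Same search as the check, capturing whatever follows "LogonUser = ".
$hits = Get-ChildItem -LiteralPath $LogRoot -Recurse -File |
    Select-String -Pattern 'LogonUser = (.+)$' |
    ForEach-Object {
        [pscustomobject]@{
            Account = $_.Matches[0].Groups[1].Value.Trim()
            LogFile = $_.Path
        }
    }

# One row per distinct account (grouping and -contains are case-insensitive).
$summary = $hits | Group-Object -Property Account | ForEach-Object {
    $files = @($_.Group.LogFile | Sort-Object -Unique)
    [pscustomobject]@{
        Account    = $_.Name
        Authorized = $authorized -contains $_.Name
        LogFiles   = $files.Count
        SampleLog  = $files[-1]   # one log to open when reviewing the account
    }
}

$summary | Sort-Object Authorized, Account | Format-Table -AutoSize

# Any account not on the authorized list is a finding under this rule.
$findings = @($summary | Where-Object { -not $_.Authorized })
if ($findings.Count -gt 0) {
    Write-Warning "Finding: $($findings.Count) account(s) not in the authorized list."
    exit 1
}
```

An exit code of 1 marks a finding, so the script can run from a scheduled compliance job; accounts must be written in the list exactly as they appear in the logs.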

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

3993

Comments