STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021

SQL Server must prevent unauthorized and unintended information transfer via shared system resources.

DISA Rule

SV-213976r617437_rule

Vulnerability Number

V-213976

Group Title

SRG-APP-000243-DB-000373

Rule Version

SQL6-D0-009900

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

If IFI is not documented as being required, disable instant file initialization for the instance of SQL Server by removing the SQL Service SID and/or service account from the "Perform volume maintenance tasks" Local Rights Assignment.

Check Contents

Review the system documentation to determine if Instant File Initialization (IFI) is required.

If IFI is documented as required, this is not a finding.

Review system configuration to determine whether IFI support has been enabled (by default in SQL Server 2016).

Start >> Control Panel >> Administrative Tools >> Local Security Policy >> Local Policies >> User Rights Assignment

If the SQL Service SID (Default instance: NT SERVICE\MSSQLSERVER. Named instance: NT SERVICE\MSSQL$InstanceName) has been granted "Perform volume maintenance tasks" Local Rights Assignment and if it is not documented in the system documentation, this is a finding.
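
The Local Security Policy check above can also be scripted. The following PowerShell is an added example, not part of the STIG or of STIGQter; it assumes an elevated session on the SQL Server host, and its `-InstanceName` parameter is a name chosen here (empty for the default instance). `SeManageVolumePrivilege` is the privilege constant behind "Perform volume maintenance tasks".

```powershell
# Added example: lists who holds "Perform volume maintenance tasks" and flags the SQL Service SID.
param(
    [string]$InstanceName = ''   # assumption: empty string selects the default instance
)
$ErrorActionPreference = 'Stop'

# Service SID names as given in the check text.
$serviceName = if ($InstanceName) { 'NT SERVICE\MSSQL$' + $InstanceName } else { 'NT SERVICE\MSSQLSERVER' }
$serviceSid = ([System.Security.Principal.NTAccount]$serviceName).Translate(
    [System.Security.Principal.SecurityIdentifier]).Value

# Export only the user rights section of the local security policy to a temporary file.
$cfg = Join-Path $env:TEMP ('user-rights-{0}.inf' -f [guid]::NewGuid())
try {
    secedit.exe /export /cfg $cfg /areas USER_RIGHTS /quiet | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "secedit export failed (exit code $LASTEXITCODE)" }
    $line = Get-Content -Path $cfg | Where-Object { $_ -match '^\s*SeManageVolumePrivilege\s*=' }
} finally {
    Remove-Item -Path $cfg -ErrorAction SilentlyContinue
}

# Entries are comma-separated; those prefixed with * are SIDs, the rest are account names.
$holders = @(if ($line) {
    foreach ($entry in (($line -split '=', 2)[1] -split ',')) {
        $entry = $entry.Trim()
        if (-not $entry) { continue }
        $sidValue = $null
        $account = $entry
        if ($entry.StartsWith('*')) {
            $sid = New-Object System.Security.Principal.SecurityIdentifier($entry.TrimStart('*'))
            $sidValue = $sid.Value
            try {
                $account = $sid.Translate([System.Security.Principal.NTAccount]).Value
            } catch {
                $account = $sid.Value   # orphaned SID: report it unresolved
            }
        }
        [pscustomobject]@{ Sid = $sidValue; Account = $account }
    }
})

$holders | Format-Table -AutoSize
$granted = @($holders | Where-Object { $_.Sid -eq $serviceSid -or $_.Account -eq $serviceName })
if ($granted.Count -gt 0) {
    Write-Warning "$serviceName holds 'Perform volume maintenance tasks'. This is a finding unless IFI is documented as required."
} else {
    Write-Output "$serviceName is not listed directly under 'Perform volume maintenance tasks'."
}
```

The script only reports direct grants; compare the full list it prints against the system documentation, since the service account may also appear there by name or through a group.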

Documentable

False

Check Content Reference

M

Target Key

3993
