STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-213992r617437_rule
V-213992
SRG-APP-000431-DB-000388
SQL6-D0-012400
CAT II
10
Configure SQL Server services to have a documented, dedicated account.
For non-domain servers, consider using virtual service accounts (VSA). See https://msdn.microsoft.com/en-us/library/ms143504.aspx#VA_Desc for more information.
For standalone, domain-joined servers, consider using managed service accounts. See https://msdn.microsoft.com/en-us/library/ms143504.aspx#MSA for more information.
For clustered instances, consider using group managed service accounts. See https://msdn.microsoft.com/en-us/library/ms143504.aspx#GMSA or https://blogs.msdn.microsoft.com/markweberblog/2016/05/25/group-managed-service-accounts-gmsa-and-sql-server-2016/ for more information.
Review the server documentation to obtain a listing of required service accounts. Review the accounts configured for all SQL Server services installed on the server.
Click Start >> Type "SQL Server Configuration Manager" >> Launch the program >> Click SQL Server Services tree node. Review the "Log On As" column for each service.
If any services are configured with the same service account or are configured with an account that is not documented and authorized, this is a finding.
V-213992
False
SQL6-D0-012400
Review the server documentation to obtain a listing of required service accounts. Review the accounts configured for all SQL Server services installed on the server.
Click Start >> Type "SQL Server Configuration Manager" >> Launch the program >> Click SQL Server Services tree node. Review the "Log On As" column for each service.
If any services are configured with the same service account or are configured with an account that is not documented and authorized, this is a finding.
M
3993