STIGQter STIGQter: STIG Summary: Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide Version: 1 Release: 18 Benchmark Date: 25 Jan 2019: SQL Server must be monitored to discover unauthorized changes to stored procedures.

DISA Rule

SV-53933r4_rule

Vulnerability Number

V-41406

Group Title

SRG-APP-000133-DB-000179

Rule Version

SQL2-00-015200

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure a SQL Server timed job that automatically checks all system and user-defined Stored Procedures for modification.

(The supplemental file Track.sql, provided with this STIG, can be used to establish a monitoring job. This should be supplemented with a process for informing the appropriate personnel. Other techniques for achieving the same ends, such as the use of DDL triggers, are acceptable.)

Check Contents

Check for the existence of a job to monitor for changes to stored procedures:
EXEC msdb.dbo.sp_help_job @job_name = '<enter . . . job name>';

(Alternatively, in SQL Server Management Studio, navigate to SQL Server Agent and examine the job from there.)

If such a job, or an alternative method of monitoring stored procedures for modification, does not exist, this is a finding.

Vulnerability Number

V-41406

Documentable

False

Rule Version

SQL2-00-015200

Severity Override Guidance

Check for the existence of a job to monitor for changes to stored procedures:
EXEC msdb.dbo.sp_help_job @job_name = '<enter . . . job name>';

(Alternatively, in SQL Server Management Studio, navigate to SQL Server Agent and examine the job from there.)

If such a job, or an alternative method of monitoring stored procedures for modification, does not exist, this is a finding.

Check Content Reference

M

Target Key

2560

Comments