STIGQter STIGQter: STIG Summary: MS SQL Server 2014 Database Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 26 Jan 2018:

When supporting applications that require security labeling of data, SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in transmission.

DISA Rule

SV-81895r2_rule

Vulnerability Number

V-67405

Group Title

SRG-APP-000314-DB-000310

Rule Version

SQL4-00-032100

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Develop SQL or application code or acquire a third party tool to perform data labeling.

Check Contents

If security labeling is not required, this is not a finding.

If security labeling requirements have been specified, but the security labeling is not implemented or does not reliably maintain labels on information in transmission, this is a finding.

Vulnerability Number

V-67405

Documentable

False

Rule Version

SQL4-00-032100

Severity Override Guidance

If security labeling is not required, this is not a finding.

If security labeling requirements have been specified, but the security labeling is not implemented or does not reliably maintain labels on information in transmission, this is a finding.

Check Content Reference

M

Target Key

2637

Comments