STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020: STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020:SV-82303r2_rule
V-67813
SRG-APP-000133-DB-000199
SQL4-00-015500
CAT III
10
Separate database files (software, data) into dedicated directories.
Verify the SQL Server installations present on the server.
From a Command Prompt, type regedit.exe, and press [ENTER].
Navigate to HKEY_LOCAL_MACHINE >> SOFTWARE >> Microsoft >> Microsoft SQL Server >> Instance Names. Each instance installed on the server possesses a key inside a folder under this registry entry.
Analysis Services Instances are registered in the OLAP subfolder.
Reporting Services Instances are registered in the RS subfolder.
Standard SQL Server (database engine) Instances are registered in the SQL subfolder.
Inside each one of these folders, a single key is used to reference an Instance's specific Windows Registry tree. Each key will have its own registry tree at the following registry location: HKEY_LOCAL_MACHINE >> SOFTWARE >> Microsoft >> Microsoft SQL Server >> [INSTANCE NAME].
An [INSTANCE NAME] is listed as the Data component of a key found in one of the above OLAP, RS, or SQL folders.
To find the installation location of a particular instance, navigate to the following location in the Windows Registry:
HKEY_LOCAL_MACHINE >> SOFTWARE >> Microsoft >> Microsoft SQL Server >> [INSTANCE NAME] >> Setup. Examine the value of the 'SqlProgramDir' key. The value of the 'SqlProgramDir' key is the SQL Server installation directory for that SQL Server Instance.
Navigate to that folder location using a Command Prompt or Windows Explorer. Only applications that are required for the functioning and administration, not use, of SQL Server should be located on the same directory node as the SQL Server software libraries.
If any files or subfolders that are not part of the SQL Server installation are in the folder, this is a finding.
V-67813
False
SQL4-00-015500
Verify the SQL Server installations present on the server.
From a Command Prompt, type regedit.exe, and press [ENTER].
Navigate to HKEY_LOCAL_MACHINE >> SOFTWARE >> Microsoft >> Microsoft SQL Server >> Instance Names. Each instance installed on the server possesses a key inside a folder under this registry entry.
Analysis Services Instances are registered in the OLAP subfolder.
Reporting Services Instances are registered in the RS subfolder.
Standard SQL Server (database engine) Instances are registered in the SQL subfolder.
Inside each one of these folders, a single key is used to reference an Instance's specific Windows Registry tree. Each key will have its own registry tree at the following registry location: HKEY_LOCAL_MACHINE >> SOFTWARE >> Microsoft >> Microsoft SQL Server >> [INSTANCE NAME].
An [INSTANCE NAME] is listed as the Data component of a key found in one of the above OLAP, RS, or SQL folders.
To find the installation location of a particular instance, navigate to the following location in the Windows Registry:
HKEY_LOCAL_MACHINE >> SOFTWARE >> Microsoft >> Microsoft SQL Server >> [INSTANCE NAME] >> Setup. Examine the value of the 'SqlProgramDir' key. The value of the 'SqlProgramDir' key is the SQL Server installation directory for that SQL Server Instance.
Navigate to that folder location using a Command Prompt or Windows Explorer. Only applications that are required for the functioning and administration, not use, of SQL Server should be located on the same directory node as the SQL Server software libraries.
If any files or subfolders that are not part of the SQL Server installation are in the folder, this is a finding.
M
2639