STIGQter: STIG Summary: MS SQL Server 2014 Instance Security Technical Implementation Guide Version: 1 Release: 10 Benchmark Date: 24 Apr 2020:

SQL Server must be configured to prohibit or restrict the use of unauthorized network protocols.

DISA Rule

SV-82349r1_rule

Vulnerability Number

V-67859

Group Title

SRG-APP-000142-DB-000094

Rule Version

SQL4-00-017400

Severity

CAT II

CCI(s)

CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

Fix Recommendation

In SQL Server Configuration Manager, right-click on each listed protocol that is enabled but not authorized; select Disable.

Check Contents

Open SQL Server Configuration Manager. Navigate to SQL Server Network Configuration > Protocols for <instance name>, where <instance name> is a placeholder for the SQL Server instance name.

If any listed protocol is enabled but not authorized, this is a finding.

Vulnerability Number

V-67859

Documentable

False

Rule Version

SQL4-00-017400

Severity Override Guidance

Check Content Reference

Target Key

2639

SQL Server must be configured to prohibit or restrict the use of unauthorized network protocols.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments