STIGQter STIGQter: STIG Summary: MS SQL Server 2016 Instance Security Technical Implementation Guide Version: 1 Release: 8 Benchmark Date: 24 Jan 2020: Default demonstration and sample databases, database objects, and applications must be removed.

DISA Rule

SV-93877r2_rule

Vulnerability Number

V-79171

Group Title

SRG-APP-000141-DB-000090

Rule Version

SQL6-D0-006900

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove all demonstration or sample databases from production instances.

Check Contents

Review the server documentation, if this system is identified as a development or test system, this check is Not Applicable.

If this system is identified as production, gather a listing of databases from the server and look for any matching the following general demonstration database names:

pubs
Northwind
AdventureWorks
WorldwideImporters

If any of these databases exist, this is a finding.

Vulnerability Number

V-79171

Documentable

False

Rule Version

SQL6-D0-006900

Severity Override Guidance

Review the server documentation, if this system is identified as a development or test system, this check is Not Applicable.

If this system is identified as production, gather a listing of databases from the server and look for any matching the following general demonstration database names:

pubs
Northwind
AdventureWorks
WorldwideImporters

If any of these databases exist, this is a finding.

Check Content Reference

M

Target Key

3219

Comments