July 30, 2015 at 10:52 am
I am STIGing a 2012 box and wondered if anybody know a good resourse for figuring out how to resolve many of these checks. Please let me know
I would like to post a specific check and see if anyone has a way to mitigate. Your help is appreciated
Rule Title: SQL Server must verify there have not been unauthorized changes to SQL Server software and information.
Discussion:
Organizations are required to employ integrity verification applications on information systems to look for evidence of information tampering, errors, and omissions. The organization is also required to employ good software engineering practices with regard to commercial off-the-shelf integrity mechanisms (e.g., parity checks, cyclical redundancy checks, and cryptographic hashes), and to use tools to automatically monitor the integrity of the information system and the applications it hosts.
SQL Server opens data files and reads configuration files at system startup, system shutdown, and during abort recovery efforts.
Documentable: No
Check Content:
Determine if a baselining process, along with a regular comparison, is being performed on SQL Server software. By default, SQL Server is installed in the "program files/microsoft sql server" directory. If baselining and a comparison process are not being performed, this is a finding.
Fix Text:
Utilize a baselining and comparison process for the SQL Server software files.
Jeff
August 7, 2015 at 11:46 am
I was just wondering if anybody had any idea of what could be done with this STIG Check.
Any help would be appreciated.
Jeff
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply