Documentation - V-276299

V-276299

Microsoft Azure SQL Managed Instance Security Technical Implementation Guide

CAT II

Title

Azure SQL Managed Instance must protect its audit configuration from unauthorized access, modification, and deletion.

Description

<VulnDiscussion>Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data; therefore, protecting audit tools is necessary to prevent unauthorized operation on audit data. Applications providing tools to interface with audit data will leverage user permissions and roles identifying the user accessing the tools and the corresponding rights the user enjoys to make access decisions regarding the deletion of audit tools. Audit tools include, but...

Fix Text (Documentation Requirement)

Apply or modify permissions on tools used to view or modify audit log data (to include traces used for audit purposes), to make them accessible by authorized personnel only. Remove audit-related permissions from individuals and roles not authorized to have them: USE master; DENY [ALTER ANY SERVER AUDIT] TO [User]; GO

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel