Documentation - V-271272

V-271272

Microsoft SQL Server 2022 Instance Security Technical Implementation Guide

CAT II

Title

SQL Server must generate audit records when attempts to access privileges, categorized information, and security objects occur.

Description

<VulnDiscussion>Under some circumstances, it may be useful to monitor who/what is reading privilege/permission/role information. Therefore, monitoring must be possible. DBMSs typically make such information available through views or functions. This requirement includes explicit requests for privilege/permission/role membership information. It does not refer to the implicit retrieval of privileges/permissions/role memberships that SQL Server continually performs to determine if any and every a...

Fix Text (Documentation Requirement)

Deploy an audit to log when attempts to access privileges, categorized information, security objects, and any other specific objects occur. Refer to the supplemental file "SQL 2022 Audit.sql".

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel