Documentation - V-271328

V-271328

Microsoft SQL Server 2022 Instance Security Technical Implementation Guide

CAT II

Title

SQL Server must prevent unauthorized and unintended information transfer via shared system resources.

Description

<VulnDiscussion>The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the information system. Control of information in shar...

Fix Text (Documentation Requirement)

Configure SQL Server to effectively protect the private resources of one process or user from unauthorized access by another process or user. To enable the use of [Common Criteria Compliance], from the query prompt: EXEC SP_CONFIGURE 'show advanced options', 1; RECONFIGURE WITH OVERRIDE; EXEC SP_CONFIGURE 'common criteria compliance enabled', 1; RECONFIGURE WITH OVERRIDE; EXEC SP_CONFIGURE 'show advanced options', 0; RECONFIGURE WITH OVERRIDE;

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel