Documentation - V-213939

V-213939

MS SQL Server 2016 Instance Security Technical Implementation Guide

CAT II

Title

SQL Server must generate audit records when attempts to access privileges, categorized information, and security objects occur.

Description

<VulnDiscussion>Under some circumstances, it may be useful to monitor who/what is reading privilege/permission/role information. Therefore, monitoring must be possible. DBMSs typically make such information available through views or functions. This requirement addresses explicit requests for privilege/permission/role membership information. It does not refer to the implicit retrieval of privileges/permissions/role memberships that SQL Server continually performs to determine if any and every ...

Fix Text (Documentation Requirement)

Deploy an audit to audit the retrieval of privilege/permission/role membership information. See the supplemental file "SQL 2016 Audit.sql".

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel