USNS MONTFORD POINT - Findings

Vuln ID	Severity	Asset	STIG	Title	Doc Status
V-213910	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	In the event of a system failure, hardware loss or...	-
Check Text Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding. Fix Text Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests. Finding Details Evaluate-STIG Instance: MONT-BE-002\BKUPEXEC64 Database: BEDB ResultHash: ~~~~~ DBA, Using name recovery_model_desc ---- ------------------- BEDB SIMPLE DBA, Review Jobs set database_name ------------- BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: 8E9EDCB5731473AF6C0985483D9DA6823A8C71C2 the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: the jobs set up to implement the backup plan. If they are absent, this is a finding. up to implement the backup plan: backup_type is_copy_only backup_start_date backup_finish_date ----------- ------------ ----------------- ------------------ True 10/23/2025 4:00:00 AM 10/23/2025 4:00:02 AM True 10/22/2025 11:50:20 PM 10/22/2025 11:51:06 PM True 10/22/2025 4:00:00 AM 10/22/2025 4:00:01 AM True 10/21/2025 11:49:04 PM 10/21/2025 11:49:50 PM True 10/21/2025 4:00:00 AM 10/21/2025 4:00:01 AM True 10/20/2025 11:50:18 PM 10/20/2025 11:51:03 PM True 10/20/2025 4:00:00 AM 10/20/2025 4:00:02 AM False 10/20/2025 12:45:48 AM 10/20/2025 12:46:38 AM True 10/19/2025 11:42:52 AM 10/19/2025 11:43:41 AM True 10/19/2025 4:00:02 AM 10/19/2025 4:00:03 AM True 10/18/2025 4:00:00 AM 10/18/2025 4:00:01 AM True 10/17/2025 4:00:00 AM 10/17/2025 4:00:01 AM True 10/16/2025 11:59:28 PM 10/17/2025 12:00:12 AM True 10/16/2025 4:00:00 AM 10/16/2025 4:00:02 AM True 10/16/2025 12:06:43 AM 10/16/2025 12:07:25 AM True 10/15/2025 4:00:01 AM 10/15/2025 4:00:03 AM True 10/15/2025 12:05:53 AM 10/15/2025 12:06:33 AM True 10/14/2025 4:00:00 AM 10/14/2025 4:00:01 AM True 10/13/2025 11:51:13 PM 10/13/2025 11:51:57 PM False 10/13/2025 4:36:27 AM 10/13/2025 4:37:13 AM True 10/13/2025 4:00:00 AM 10/13/2025 4:00:03 AM True 10/12/2025 4:00:00 AM 10/12/2025 4:00:00 AM True 10/11/2025 11:10:33 PM 10/11/2025 11:11:19 PM True 10/11/2025 4:00:00 AM 10/11/2025 4:00:01 AM True 10/10/2025 11:53:50 PM 10/10/2025 11:54:36 PM True 10/10/2025 4:00:00 AM 10/10/2025 4:00:01 AM True 10/9/2025 11:55:02 PM 10/9/2025 11:55:48 PM True 10/9/2025 4:00:00 AM 10/9/2025 4:00:01 AM True 10/8/2025 11:57:52 PM 10/8/2025 11:58:38 PM True 10/8/2025 4:00:00 AM 10/8/2025 4:00:01 AM True 10/7/2025 11:58:55 PM 10/7/2025 11:59:41 PM True 10/7/2025 4:00:00 AM 10/7/2025 4:00:02 AM True 10/6/2025 11:59:54 PM 10/7/2025 12:00:39 AM False 10/6/2025 4:06:44 AM 10/6/2025 4:07:33 AM True 10/6/2025 4:00:00 AM 10/6/2025 4:00:02 AM True 10/5/2025 4:00:01 AM 10/5/2025 4:00:02 AM True 10/5/2025 12:08:59 AM 10/5/2025 12:09:45 AM True 10/4/2025 4:00:00 AM 10/4/2025 4:00:01 AM True 10/3/2025 11:58:04 PM 10/3/2025 11:58:50 PM True 10/3/2025 4:00:00 AM 10/3/2025 4:00:01 AM True 10/2/2025 11:57:21 PM 10/2/2025 11:58:06 PM True 10/2/2025 4:00:00 AM 10/2/2025 4:00:01 AM True 10/1/2025 11:57:36 PM 10/1/2025 11:58:21 PM True 10/1/2025 4:00:00 AM 10/1/2025 4:00:01 AM True 9/30/2025 11:52:43 PM 9/30/2025 11:53:28 PM True 9/30/2025 4:00:01 AM 9/30/2025 4:00:02 AM True 9/29/2025 11:53:11 PM 9/29/2025 11:53:56 PM False 9/29/2025 4:10:28 AM 9/29/2025 4:11:17 AM True 9/29/2025 4:00:00 AM 9/29/2025 4:00:01 AM True 9/28/2025 4:00:00 AM 9/28/2025 4:00:02 AM True 9/27/2025 11:51:05 PM 9/27/2025 11:51:50 PM True 9/27/2025 4:00:00 AM 9/27/2025 4:00:02 AM True 9/26/2025 11:52:32 PM 9/26/2025 11:53:17 PM True 9/26/2025 4:00:00 AM 9/26/2025 4:00:02 AM True 9/25/2025 11:56:08 PM 9/25/2025 11:56:53 PM True 9/25/2025 11:34:56 AM 9/25/2025 11:35:42 AM True 9/25/2025 4:00:01 AM 9/25/2025 4:00:01 AM True 9/24/2025 12:12:36 PM 9/24/2025 12:13:21 PM True 9/24/2025 4:00:00 AM 9/24/2025 4:00:01 AM True 9/23/2025 7:41:09 PM 9/23/2025 7:41:54 PM Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_BEDB_V3R3_20251023-143959.ckl Scan Date: 2026-01-14T12:57:40.371699 Technology Area: Database Review
V-213910	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	In the event of a system failure, hardware loss or...	-
Check Text Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding. Fix Text Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests. Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: master ResultHash: 395BA62BE0A7FE22F0EA10837F6B718600499974 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- master SIMPLE DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Jobs set up to implement the backup plan: database_name backup_type is_copy_only backup_start_date backup_finish_date ------------- ----------- ------------ ----------------- ------------------ master Full True 10/23/2025 12:38:28 AM 10/23/2025 12:39:14 AM master Full True 10/22/2025 12:39:24 AM 10/22/2025 12:40:10 AM master Full True 10/21/2025 12:38:49 AM 10/21/2025 12:39:34 AM master Full False 10/20/2025 12:45:46 AM 10/20/2025 12:46:38 AM master Full True 10/19/2025 12:45:01 PM 10/19/2025 12:45:50 PM master Full True 10/17/2025 1:03:24 AM 10/17/2025 1:04:04 AM master Full True 10/16/2025 1:00:31 AM 10/16/2025 1:01:14 AM master Full True 10/15/2025 12:59:01 AM 10/15/2025 12:59:46 AM master Full True 10/14/2025 12:40:20 AM 10/14/2025 12:41:04 AM master Full False 10/13/2025 4:36:25 AM 10/13/2025 4:37:13 AM master Full True 10/12/2025 12:04:12 AM 10/12/2025 12:04:57 AM master Full True 10/11/2025 12:46:38 AM 10/11/2025 12:47:25 AM master Full True 10/10/2025 12:48:56 AM 10/10/2025 12:49:42 AM master Full True 10/9/2025 12:51:54 AM 10/9/2025 12:52:40 AM master Full True 10/8/2025 12:53:28 AM 10/8/2025 12:54:14 AM master Full True 10/7/2025 12:54:55 AM 10/7/2025 12:55:40 AM master Full False 10/6/2025 4:06:42 AM 10/6/2025 4:07:33 AM master Full True 10/5/2025 1:06:05 AM 10/5/2025 1:06:54 AM master Full True 10/4/2025 12:53:19 AM 10/4/2025 12:54:05 AM master Full True 10/3/2025 12:49:59 AM 10/3/2025 12:50:45 AM master Full True 10/2/2025 12:51:01 AM 10/2/2025 12:51:47 AM master Full True 10/1/2025 12:45:48 AM 10/1/2025 12:46:33 AM master Full True 9/30/2025 12:45:23 AM 9/30/2025 12:46:09 AM master Full False 9/29/2025 4:10:26 AM 9/29/2025 4:11:17 AM master Full True 9/28/2025 12:56:58 AM 9/28/2025 12:57:49 AM master Full True 9/27/2025 12:47:41 AM 9/27/2025 12:48:26 AM master Full True 9/26/2025 12:50:36 AM 9/26/2025 12:51:21 AM master Full True 9/25/2025 12:32:54 PM 9/25/2025 12:33:39 PM master Full True 9/24/2025 1:05:24 PM 9/24/2025 1:06:09 PM master Full True 9/23/2025 8:35:34 PM 9/23/2025 8:36:19 PM Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_master_V3R3_20251023-144120.ckl Scan Date: 2026-01-14T12:57:40.470811 Technology Area: Database Review
V-213910	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	In the event of a system failure, hardware loss or...	-
Check Text Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding. Fix Text Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests. Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: model ResultHash: E39750E1E291B6450D7C13D7212B0D09EBBE2248 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- model FULL DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Jobs set up to implement the backup plan: database_name backup_type is_copy_only backup_start_date backup_finish_date ------------- ----------- ------------ ----------------- ------------------ model Full True 10/23/2025 12:38:26 AM 10/23/2025 12:39:14 AM model Log False 10/22/2025 11:51:27 PM 10/22/2025 11:51:27 PM model Full True 10/22/2025 12:39:22 AM 10/22/2025 12:40:10 AM model Log False 10/21/2025 11:50:11 PM 10/21/2025 11:50:11 PM model Full True 10/21/2025 12:38:47 AM 10/21/2025 12:39:34 AM model Log False 10/20/2025 11:51:23 PM 10/20/2025 11:51:23 PM model Full False 10/20/2025 12:45:44 AM 10/20/2025 12:46:38 AM model Full True 10/19/2025 12:44:59 PM 10/19/2025 12:45:50 PM model Log False 10/19/2025 11:55:33 AM 10/19/2025 11:55:33 AM model Full True 10/17/2025 1:03:22 AM 10/17/2025 1:04:04 AM model Log False 10/17/2025 12:00:38 AM 10/17/2025 12:00:38 AM model Full True 10/16/2025 1:00:29 AM 10/16/2025 1:01:14 AM model Log False 10/16/2025 12:07:48 AM 10/16/2025 12:07:48 AM model Full True 10/15/2025 12:58:59 AM 10/15/2025 12:59:46 AM model Log False 10/15/2025 12:06:55 AM 10/15/2025 12:06:55 AM model Full True 10/14/2025 12:40:18 AM 10/14/2025 12:41:04 AM model Log False 10/13/2025 11:52:23 PM 10/13/2025 11:52:23 PM model Full False 10/13/2025 4:36:23 AM 10/13/2025 4:37:13 AM model Full True 10/12/2025 12:04:10 AM 10/12/2025 12:04:57 AM model Log False 10/11/2025 11:11:48 PM 10/11/2025 11:11:48 PM model Full True 10/11/2025 12:46:36 AM 10/11/2025 12:47:25 AM model Log False 10/10/2025 11:55:01 PM 10/10/2025 11:55:01 PM model Full True 10/10/2025 12:48:54 AM 10/10/2025 12:49:42 AM model Log False 10/9/2025 11:56:13 PM 10/9/2025 11:56:14 PM model Full True 10/9/2025 12:51:52 AM 10/9/2025 12:52:40 AM model Log False 10/8/2025 11:59:01 PM 10/8/2025 11:59:01 PM model Full True 10/8/2025 12:53:26 AM 10/8/2025 12:54:14 AM model Log False 10/8/2025 12:00:07 AM 10/8/2025 12:00:07 AM model Full True 10/7/2025 12:54:53 AM 10/7/2025 12:55:40 AM model Log False 10/7/2025 12:01:05 AM 10/7/2025 12:01:06 AM model Full False 10/6/2025 4:06:40 AM 10/6/2025 4:07:33 AM model Full True 10/5/2025 1:06:03 AM 10/5/2025 1:06:54 AM model Log False 10/5/2025 12:10:13 AM 10/5/2025 12:10:13 AM model Full True 10/4/2025 12:53:17 AM 10/4/2025 12:54:05 AM model Log False 10/3/2025 11:59:16 PM 10/3/2025 11:59:16 PM model Full True 10/3/2025 12:49:57 AM 10/3/2025 12:50:45 AM model Log False 10/2/2025 11:58:30 PM 10/2/2025 11:58:30 PM model Full True 10/2/2025 12:50:59 AM 10/2/2025 12:51:47 AM model Log False 10/1/2025 11:58:47 PM 10/1/2025 11:58:47 PM model Full True 10/1/2025 12:45:46 AM 10/1/2025 12:46:33 AM model Log False 9/30/2025 11:53:53 PM 9/30/2025 11:53:53 PM model Full True 9/30/2025 12:45:21 AM 9/30/2025 12:46:09 AM model Log False 9/29/2025 11:54:21 PM 9/29/2025 11:54:21 PM model Full False 9/29/2025 4:10:24 AM 9/29/2025 4:11:17 AM model Full True 9/28/2025 12:56:56 AM 9/28/2025 12:57:49 AM model Log False 9/27/2025 11:54:28 PM 9/27/2025 11:54:28 PM model Full True 9/27/2025 12:47:39 AM 9/27/2025 12:48:26 AM model Log False 9/26/2025 11:53:45 PM 9/26/2025 11:53:45 PM model Full True 9/26/2025 12:50:34 AM 9/26/2025 12:51:21 AM model Log False 9/25/2025 11:57:15 PM 9/25/2025 11:57:15 PM model Full True 9/25/2025 12:32:52 PM 9/25/2025 12:33:39 PM model Log False 9/25/2025 11:36:16 AM 9/25/2025 11:36:16 AM model Full True 9/24/2025 1:05:22 PM 9/24/2025 1:06:09 PM model Log False 9/24/2025 12:13:47 PM 9/24/2025 12:13:48 PM model Full True 9/23/2025 8:35:32 PM 9/23/2025 8:36:19 PM model Log False 9/23/2025 7:42:21 PM 9/23/2025 7:42:21 PM Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_model_V3R3_20251023-144128.ckl Scan Date: 2026-01-14T12:57:40.569961 Technology Area: Database Review
V-213910	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	In the event of a system failure, hardware loss or...	-
Check Text Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding. Fix Text Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests. Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: msdb ResultHash: E2C6BBDD4D4F15CF28045C75CBFABA554649BAF9 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- msdb SIMPLE DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Jobs set up to implement the backup plan: database_name backup_type is_copy_only backup_start_date backup_finish_date ------------- ----------- ------------ ----------------- ------------------ msdb Full True 10/23/2025 12:38:24 AM 10/23/2025 12:39:14 AM msdb Full True 10/22/2025 12:39:20 AM 10/22/2025 12:40:10 AM msdb Full True 10/21/2025 12:38:45 AM 10/21/2025 12:39:34 AM msdb Full False 10/20/2025 12:45:42 AM 10/20/2025 12:46:38 AM msdb Full True 10/19/2025 12:46:11 PM 10/19/2025 12:46:59 PM msdb Full True 10/19/2025 12:44:57 PM 10/19/2025 12:45:50 PM msdb Full True 10/17/2025 1:04:24 AM 10/17/2025 1:05:09 AM msdb Full True 10/17/2025 1:03:20 AM 10/17/2025 1:04:04 AM msdb Full True 10/16/2025 1:00:27 AM 10/16/2025 1:01:14 AM msdb Full True 10/15/2025 12:58:57 AM 10/15/2025 12:59:46 AM msdb Full True 10/14/2025 12:40:16 AM 10/14/2025 12:41:04 AM msdb Full False 10/13/2025 4:36:21 AM 10/13/2025 4:37:13 AM msdb Full True 10/12/2025 12:04:08 AM 10/12/2025 12:04:57 AM msdb Full True 10/11/2025 12:46:34 AM 10/11/2025 12:47:25 AM msdb Full True 10/10/2025 12:48:52 AM 10/10/2025 12:49:42 AM msdb Full True 10/9/2025 12:51:50 AM 10/9/2025 12:52:40 AM msdb Full True 10/8/2025 12:53:24 AM 10/8/2025 12:54:14 AM msdb Full True 10/7/2025 12:54:51 AM 10/7/2025 12:55:40 AM msdb Full False 10/6/2025 4:06:38 AM 10/6/2025 4:07:33 AM msdb Full True 10/5/2025 1:06:01 AM 10/5/2025 1:06:54 AM msdb Full True 10/4/2025 12:53:15 AM 10/4/2025 12:54:05 AM msdb Full True 10/3/2025 12:49:55 AM 10/3/2025 12:50:45 AM msdb Full True 10/2/2025 12:50:57 AM 10/2/2025 12:51:47 AM msdb Full True 10/1/2025 12:45:44 AM 10/1/2025 12:46:33 AM msdb Full True 9/30/2025 12:45:19 AM 9/30/2025 12:46:09 AM msdb Full False 9/29/2025 4:10:22 AM 9/29/2025 4:11:17 AM msdb Full True 9/28/2025 12:56:54 AM 9/28/2025 12:57:49 AM msdb Full True 9/27/2025 12:47:37 AM 9/27/2025 12:48:26 AM msdb Full True 9/26/2025 12:50:32 AM 9/26/2025 12:51:21 AM msdb Full True 9/25/2025 12:32:50 PM 9/25/2025 12:33:39 PM msdb Full True 9/24/2025 1:05:20 PM 9/24/2025 1:06:09 PM msdb Full True 9/23/2025 8:35:30 PM 9/23/2025 8:36:19 PM Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_msdb_V3R3_20251023-144148.ckl Scan Date: 2026-01-14T12:57:40.663257 Technology Area: Database Review
V-213910	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	In the event of a system failure, hardware loss or...	-
Check Text Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding. Fix Text Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests. Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: tempdb ResultHash: 7B70FAB7C105E5A4859824ED0D47B00198F21A27 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- tempdb SIMPLE DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. No results were returned by the backup plan check query. Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_tempdb_V3R3_20251023-144154.ckl Scan Date: 2026-01-14T12:57:40.769694 Technology Area: Database Review

Check Text

Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding.

Fix Text

Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests.

Finding Details

Evaluate-STIG Instance: MONT-BE-002\BKUPEXEC64 Database: BEDB ResultHash: ~~~~~ DBA, Using name recovery_model_desc ---- ------------------- BEDB SIMPLE DBA, Review Jobs set database_name ------------- BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full BEDB Full 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: 8E9EDCB5731473AF6C0985483D9DA6823A8C71C2 the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: the jobs set up to implement the backup plan. If they are absent, this is a finding. up to implement the backup plan: backup_type is_copy_only backup_start_date backup_finish_date ----------- ------------ ----------------- ------------------ True 10/23/2025 4:00:00 AM 10/23/2025 4:00:02 AM True 10/22/2025 11:50:20 PM 10/22/2025 11:51:06 PM True 10/22/2025 4:00:00 AM 10/22/2025 4:00:01 AM True 10/21/2025 11:49:04 PM 10/21/2025 11:49:50 PM True 10/21/2025 4:00:00 AM 10/21/2025 4:00:01 AM True 10/20/2025 11:50:18 PM 10/20/2025 11:51:03 PM True 10/20/2025 4:00:00 AM 10/20/2025 4:00:02 AM False 10/20/2025 12:45:48 AM 10/20/2025 12:46:38 AM True 10/19/2025 11:42:52 AM 10/19/2025 11:43:41 AM True 10/19/2025 4:00:02 AM 10/19/2025 4:00:03 AM True 10/18/2025 4:00:00 AM 10/18/2025 4:00:01 AM True 10/17/2025 4:00:00 AM 10/17/2025 4:00:01 AM True 10/16/2025 11:59:28 PM 10/17/2025 12:00:12 AM True 10/16/2025 4:00:00 AM 10/16/2025 4:00:02 AM True 10/16/2025 12:06:43 AM 10/16/2025 12:07:25 AM True 10/15/2025 4:00:01 AM 10/15/2025 4:00:03 AM True 10/15/2025 12:05:53 AM 10/15/2025 12:06:33 AM True 10/14/2025 4:00:00 AM 10/14/2025 4:00:01 AM True 10/13/2025 11:51:13 PM 10/13/2025 11:51:57 PM False 10/13/2025 4:36:27 AM 10/13/2025 4:37:13 AM True 10/13/2025 4:00:00 AM 10/13/2025 4:00:03 AM True 10/12/2025 4:00:00 AM 10/12/2025 4:00:00 AM True 10/11/2025 11:10:33 PM 10/11/2025 11:11:19 PM True 10/11/2025 4:00:00 AM 10/11/2025 4:00:01 AM True 10/10/2025 11:53:50 PM 10/10/2025 11:54:36 PM True 10/10/2025 4:00:00 AM 10/10/2025 4:00:01 AM True 10/9/2025 11:55:02 PM 10/9/2025 11:55:48 PM True 10/9/2025 4:00:00 AM 10/9/2025 4:00:01 AM True 10/8/2025 11:57:52 PM 10/8/2025 11:58:38 PM True 10/8/2025 4:00:00 AM 10/8/2025 4:00:01 AM True 10/7/2025 11:58:55 PM 10/7/2025 11:59:41 PM True 10/7/2025 4:00:00 AM 10/7/2025 4:00:02 AM True 10/6/2025 11:59:54 PM 10/7/2025 12:00:39 AM False 10/6/2025 4:06:44 AM 10/6/2025 4:07:33 AM True 10/6/2025 4:00:00 AM 10/6/2025 4:00:02 AM True 10/5/2025 4:00:01 AM 10/5/2025 4:00:02 AM True 10/5/2025 12:08:59 AM 10/5/2025 12:09:45 AM True 10/4/2025 4:00:00 AM 10/4/2025 4:00:01 AM True 10/3/2025 11:58:04 PM 10/3/2025 11:58:50 PM True 10/3/2025 4:00:00 AM 10/3/2025 4:00:01 AM True 10/2/2025 11:57:21 PM 10/2/2025 11:58:06 PM True 10/2/2025 4:00:00 AM 10/2/2025 4:00:01 AM True 10/1/2025 11:57:36 PM 10/1/2025 11:58:21 PM True 10/1/2025 4:00:00 AM 10/1/2025 4:00:01 AM True 9/30/2025 11:52:43 PM 9/30/2025 11:53:28 PM True 9/30/2025 4:00:01 AM 9/30/2025 4:00:02 AM True 9/29/2025 11:53:11 PM 9/29/2025 11:53:56 PM False 9/29/2025 4:10:28 AM 9/29/2025 4:11:17 AM True 9/29/2025 4:00:00 AM 9/29/2025 4:00:01 AM True 9/28/2025 4:00:00 AM 9/28/2025 4:00:02 AM True 9/27/2025 11:51:05 PM 9/27/2025 11:51:50 PM True 9/27/2025 4:00:00 AM 9/27/2025 4:00:02 AM True 9/26/2025 11:52:32 PM 9/26/2025 11:53:17 PM True 9/26/2025 4:00:00 AM 9/26/2025 4:00:02 AM True 9/25/2025 11:56:08 PM 9/25/2025 11:56:53 PM True 9/25/2025 11:34:56 AM 9/25/2025 11:35:42 AM True 9/25/2025 4:00:01 AM 9/25/2025 4:00:01 AM True 9/24/2025 12:12:36 PM 9/24/2025 12:13:21 PM True 9/24/2025 4:00:00 AM 9/24/2025 4:00:01 AM True 9/23/2025 7:41:09 PM 9/23/2025 7:41:54 PM

Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_BEDB_V3R3_20251023-143959.ckl Scan Date: 2026-01-14T12:57:40.371699 Technology Area: Database Review

Check Text

Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding.

Fix Text

Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests.

Finding Details

Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: master ResultHash: 395BA62BE0A7FE22F0EA10837F6B718600499974 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- master SIMPLE DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Jobs set up to implement the backup plan: database_name backup_type is_copy_only backup_start_date backup_finish_date ------------- ----------- ------------ ----------------- ------------------ master Full True 10/23/2025 12:38:28 AM 10/23/2025 12:39:14 AM master Full True 10/22/2025 12:39:24 AM 10/22/2025 12:40:10 AM master Full True 10/21/2025 12:38:49 AM 10/21/2025 12:39:34 AM master Full False 10/20/2025 12:45:46 AM 10/20/2025 12:46:38 AM master Full True 10/19/2025 12:45:01 PM 10/19/2025 12:45:50 PM master Full True 10/17/2025 1:03:24 AM 10/17/2025 1:04:04 AM master Full True 10/16/2025 1:00:31 AM 10/16/2025 1:01:14 AM master Full True 10/15/2025 12:59:01 AM 10/15/2025 12:59:46 AM master Full True 10/14/2025 12:40:20 AM 10/14/2025 12:41:04 AM master Full False 10/13/2025 4:36:25 AM 10/13/2025 4:37:13 AM master Full True 10/12/2025 12:04:12 AM 10/12/2025 12:04:57 AM master Full True 10/11/2025 12:46:38 AM 10/11/2025 12:47:25 AM master Full True 10/10/2025 12:48:56 AM 10/10/2025 12:49:42 AM master Full True 10/9/2025 12:51:54 AM 10/9/2025 12:52:40 AM master Full True 10/8/2025 12:53:28 AM 10/8/2025 12:54:14 AM master Full True 10/7/2025 12:54:55 AM 10/7/2025 12:55:40 AM master Full False 10/6/2025 4:06:42 AM 10/6/2025 4:07:33 AM master Full True 10/5/2025 1:06:05 AM 10/5/2025 1:06:54 AM master Full True 10/4/2025 12:53:19 AM 10/4/2025 12:54:05 AM master Full True 10/3/2025 12:49:59 AM 10/3/2025 12:50:45 AM master Full True 10/2/2025 12:51:01 AM 10/2/2025 12:51:47 AM master Full True 10/1/2025 12:45:48 AM 10/1/2025 12:46:33 AM master Full True 9/30/2025 12:45:23 AM 9/30/2025 12:46:09 AM master Full False 9/29/2025 4:10:26 AM 9/29/2025 4:11:17 AM master Full True 9/28/2025 12:56:58 AM 9/28/2025 12:57:49 AM master Full True 9/27/2025 12:47:41 AM 9/27/2025 12:48:26 AM master Full True 9/26/2025 12:50:36 AM 9/26/2025 12:51:21 AM master Full True 9/25/2025 12:32:54 PM 9/25/2025 12:33:39 PM master Full True 9/24/2025 1:05:24 PM 9/24/2025 1:06:09 PM master Full True 9/23/2025 8:35:34 PM 9/23/2025 8:36:19 PM

Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_master_V3R3_20251023-144120.ckl Scan Date: 2026-01-14T12:57:40.470811 Technology Area: Database Review

Check Text

Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding.

Fix Text

Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests.

Finding Details

Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: model ResultHash: E39750E1E291B6450D7C13D7212B0D09EBBE2248 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- model FULL DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Jobs set up to implement the backup plan: database_name backup_type is_copy_only backup_start_date backup_finish_date ------------- ----------- ------------ ----------------- ------------------ model Full True 10/23/2025 12:38:26 AM 10/23/2025 12:39:14 AM model Log False 10/22/2025 11:51:27 PM 10/22/2025 11:51:27 PM model Full True 10/22/2025 12:39:22 AM 10/22/2025 12:40:10 AM model Log False 10/21/2025 11:50:11 PM 10/21/2025 11:50:11 PM model Full True 10/21/2025 12:38:47 AM 10/21/2025 12:39:34 AM model Log False 10/20/2025 11:51:23 PM 10/20/2025 11:51:23 PM model Full False 10/20/2025 12:45:44 AM 10/20/2025 12:46:38 AM model Full True 10/19/2025 12:44:59 PM 10/19/2025 12:45:50 PM model Log False 10/19/2025 11:55:33 AM 10/19/2025 11:55:33 AM model Full True 10/17/2025 1:03:22 AM 10/17/2025 1:04:04 AM model Log False 10/17/2025 12:00:38 AM 10/17/2025 12:00:38 AM model Full True 10/16/2025 1:00:29 AM 10/16/2025 1:01:14 AM model Log False 10/16/2025 12:07:48 AM 10/16/2025 12:07:48 AM model Full True 10/15/2025 12:58:59 AM 10/15/2025 12:59:46 AM model Log False 10/15/2025 12:06:55 AM 10/15/2025 12:06:55 AM model Full True 10/14/2025 12:40:18 AM 10/14/2025 12:41:04 AM model Log False 10/13/2025 11:52:23 PM 10/13/2025 11:52:23 PM model Full False 10/13/2025 4:36:23 AM 10/13/2025 4:37:13 AM model Full True 10/12/2025 12:04:10 AM 10/12/2025 12:04:57 AM model Log False 10/11/2025 11:11:48 PM 10/11/2025 11:11:48 PM model Full True 10/11/2025 12:46:36 AM 10/11/2025 12:47:25 AM model Log False 10/10/2025 11:55:01 PM 10/10/2025 11:55:01 PM model Full True 10/10/2025 12:48:54 AM 10/10/2025 12:49:42 AM model Log False 10/9/2025 11:56:13 PM 10/9/2025 11:56:14 PM model Full True 10/9/2025 12:51:52 AM 10/9/2025 12:52:40 AM model Log False 10/8/2025 11:59:01 PM 10/8/2025 11:59:01 PM model Full True 10/8/2025 12:53:26 AM 10/8/2025 12:54:14 AM model Log False 10/8/2025 12:00:07 AM 10/8/2025 12:00:07 AM model Full True 10/7/2025 12:54:53 AM 10/7/2025 12:55:40 AM model Log False 10/7/2025 12:01:05 AM 10/7/2025 12:01:06 AM model Full False 10/6/2025 4:06:40 AM 10/6/2025 4:07:33 AM model Full True 10/5/2025 1:06:03 AM 10/5/2025 1:06:54 AM model Log False 10/5/2025 12:10:13 AM 10/5/2025 12:10:13 AM model Full True 10/4/2025 12:53:17 AM 10/4/2025 12:54:05 AM model Log False 10/3/2025 11:59:16 PM 10/3/2025 11:59:16 PM model Full True 10/3/2025 12:49:57 AM 10/3/2025 12:50:45 AM model Log False 10/2/2025 11:58:30 PM 10/2/2025 11:58:30 PM model Full True 10/2/2025 12:50:59 AM 10/2/2025 12:51:47 AM model Log False 10/1/2025 11:58:47 PM 10/1/2025 11:58:47 PM model Full True 10/1/2025 12:45:46 AM 10/1/2025 12:46:33 AM model Log False 9/30/2025 11:53:53 PM 9/30/2025 11:53:53 PM model Full True 9/30/2025 12:45:21 AM 9/30/2025 12:46:09 AM model Log False 9/29/2025 11:54:21 PM 9/29/2025 11:54:21 PM model Full False 9/29/2025 4:10:24 AM 9/29/2025 4:11:17 AM model Full True 9/28/2025 12:56:56 AM 9/28/2025 12:57:49 AM model Log False 9/27/2025 11:54:28 PM 9/27/2025 11:54:28 PM model Full True 9/27/2025 12:47:39 AM 9/27/2025 12:48:26 AM model Log False 9/26/2025 11:53:45 PM 9/26/2025 11:53:45 PM model Full True 9/26/2025 12:50:34 AM 9/26/2025 12:51:21 AM model Log False 9/25/2025 11:57:15 PM 9/25/2025 11:57:15 PM model Full True 9/25/2025 12:32:52 PM 9/25/2025 12:33:39 PM model Log False 9/25/2025 11:36:16 AM 9/25/2025 11:36:16 AM model Full True 9/24/2025 1:05:22 PM 9/24/2025 1:06:09 PM model Log False 9/24/2025 12:13:47 PM 9/24/2025 12:13:48 PM model Full True 9/23/2025 8:35:32 PM 9/23/2025 8:36:19 PM model Log False 9/23/2025 7:42:21 PM 9/23/2025 7:42:21 PM

Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_model_V3R3_20251023-144128.ckl Scan Date: 2026-01-14T12:57:40.569961 Technology Area: Database Review

Check Text

Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding.

Fix Text

Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests.

Finding Details

Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: msdb ResultHash: E2C6BBDD4D4F15CF28045C75CBFABA554649BAF9 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- msdb SIMPLE DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Jobs set up to implement the backup plan: database_name backup_type is_copy_only backup_start_date backup_finish_date ------------- ----------- ------------ ----------------- ------------------ msdb Full True 10/23/2025 12:38:24 AM 10/23/2025 12:39:14 AM msdb Full True 10/22/2025 12:39:20 AM 10/22/2025 12:40:10 AM msdb Full True 10/21/2025 12:38:45 AM 10/21/2025 12:39:34 AM msdb Full False 10/20/2025 12:45:42 AM 10/20/2025 12:46:38 AM msdb Full True 10/19/2025 12:46:11 PM 10/19/2025 12:46:59 PM msdb Full True 10/19/2025 12:44:57 PM 10/19/2025 12:45:50 PM msdb Full True 10/17/2025 1:04:24 AM 10/17/2025 1:05:09 AM msdb Full True 10/17/2025 1:03:20 AM 10/17/2025 1:04:04 AM msdb Full True 10/16/2025 1:00:27 AM 10/16/2025 1:01:14 AM msdb Full True 10/15/2025 12:58:57 AM 10/15/2025 12:59:46 AM msdb Full True 10/14/2025 12:40:16 AM 10/14/2025 12:41:04 AM msdb Full False 10/13/2025 4:36:21 AM 10/13/2025 4:37:13 AM msdb Full True 10/12/2025 12:04:08 AM 10/12/2025 12:04:57 AM msdb Full True 10/11/2025 12:46:34 AM 10/11/2025 12:47:25 AM msdb Full True 10/10/2025 12:48:52 AM 10/10/2025 12:49:42 AM msdb Full True 10/9/2025 12:51:50 AM 10/9/2025 12:52:40 AM msdb Full True 10/8/2025 12:53:24 AM 10/8/2025 12:54:14 AM msdb Full True 10/7/2025 12:54:51 AM 10/7/2025 12:55:40 AM msdb Full False 10/6/2025 4:06:38 AM 10/6/2025 4:07:33 AM msdb Full True 10/5/2025 1:06:01 AM 10/5/2025 1:06:54 AM msdb Full True 10/4/2025 12:53:15 AM 10/4/2025 12:54:05 AM msdb Full True 10/3/2025 12:49:55 AM 10/3/2025 12:50:45 AM msdb Full True 10/2/2025 12:50:57 AM 10/2/2025 12:51:47 AM msdb Full True 10/1/2025 12:45:44 AM 10/1/2025 12:46:33 AM msdb Full True 9/30/2025 12:45:19 AM 9/30/2025 12:46:09 AM msdb Full False 9/29/2025 4:10:22 AM 9/29/2025 4:11:17 AM msdb Full True 9/28/2025 12:56:54 AM 9/28/2025 12:57:49 AM msdb Full True 9/27/2025 12:47:37 AM 9/27/2025 12:48:26 AM msdb Full True 9/26/2025 12:50:32 AM 9/26/2025 12:51:21 AM msdb Full True 9/25/2025 12:32:50 PM 9/25/2025 12:33:39 PM msdb Full True 9/24/2025 1:05:20 PM 9/24/2025 1:06:09 PM msdb Full True 9/23/2025 8:35:30 PM 9/23/2025 8:36:19 PM

Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_msdb_V3R3_20251023-144148.ckl Scan Date: 2026-01-14T12:57:40.663257 Technology Area: Database Review

Check Text

Review the system security plan (SSP) to determine whether the database is static, the recovery model to be used, the backup schedule, and the plan for testing database restoration. If the SSP does not state that the database is static, assume that it is not static. If any of the other information is absent, this is a finding. If the database is not static, and the documented recovery model is Bulk Logged, but the justification and authorization for this are not documented, this is a finding. Run the following to determine Recovery Model: USE [master] GO SELECT name, recovery_model_desc FROM sys.databases ORDER BY name If the recovery model description does not match the documented recovery model, this is a finding. Review the jobs set up to implement the backup plan. If they are absent, this is a finding. Check the history of the backups by running the following query. It checks the last 30 days of backups by database. USE [msdb] GO SELECT database_name, CASE type WHEN 'D' THEN 'Full' WHEN 'I' THEN 'Differential' WHEN 'L' THEN 'Log' ELSE type END AS backup_type, is_copy_only, backup_start_date, backup_finish_date FROM dbo.backupset WHERE backup_start_date >= dateadd(day, - 30, getdate()) ORDER BY database_name, backup_start_date DESC If the history indicates a pattern of job failures by missing or gaps in backups, this is a finding. Review evidence that database recovery is tested annually or more often, and that the most recent test was successful. If not, this is a finding.

Fix Text

Modify the system security plan, to include whether the database is static, the correct recovery model to be used, the backup schedule, and the plan for testing database restoration. In SQL Server Management Studio, Object Explorer, right-click on the name of the database; select Properties. Select the Options page. Set the Recovery Model field, near the top of the page, to the correct value. In Object Explorer, expand >> SQL Server Agent >> Jobs. Create, modify, and delete jobs to implement the backup schedule. (Alternatively, this may done using T-SQL code or Third-party Backup software.) Correct any issues that have been causing backups to fail. Test the restoration of the database at least once a year; correct any issues that cause it to fail. Maintain a record of these tests.

Finding Details

Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Instance: MONT-BE-002\BKUPEXEC64 Database: tempdb ResultHash: 7B70FAB7C105E5A4859824ED0D47B00198F21A27 ~~~~~ DBA, Using the system documentation, confirm, the following recovery models.If the recovery model description does not match the documented recovery model, this is a finding.: name recovery_model_desc ---- ------------------- tempdb SIMPLE DBA, Review the jobs set up to implement the backup plan. If they are absent, this is a finding. No results were returned by the backup plan check query.

Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_tempdb_V3R3_20251023-144154.ckl Scan Date: 2026-01-14T12:57:40.769694 Technology Area: Database Review