| From the query prompt: |
WHERE state = 0
Repeat for each database:
From the query prompt:
USE [database name]
SELECT name, SUSER_SNAME(sid)
ORDER BY name, SUSER_SNAME(sid)
If no keys are defined for any database, this check is Not a Finding.
If keys are returned, verify the key is associated with a DOD PKI Certificate.
Evidence may include review of the certificate of a signed file used to read the key into the database.
If the key is not from a DOD PKI certificate or evidence cannot be determined or presented, this is a Finding.