Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-2508 | DG0070-SQLServer9 | SV-24088r1_rule | IAAC-1 | Medium |
Description |
---|
Unauthorized user accounts provide unauthorized access to the database and may allow access to database objects. Only authorized users should be granted database accounts. |
STIG | Date |
---|---|
Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Check Text ( None ) |
---|
None |
Fix Text (F-20403r1_fix) |
---|
Develop, document and implement procedures for authorizing creation and changes to user accounts. Monitor user accounts to verify that they remain authorized. Drop user accounts that are no longer authorized. |