
Remote administrative access to the database should be monitored by the IAO or IAM.


Overview

Finding ID: V-15118
Version: DG0159-SQLServer9
Rule ID: SV-25391r1_rule
IA Controls: EBRP-1
Severity: Medium
Description
Remote administrative access to systems provides a path to access and exploit DBA privileges. Where the risk of allowing remote administrative access has been accepted, it is imperative to institute increased monitoring of this access to detect any abuse or compromise.
STIG: Microsoft SQL Server 2005 Instance Security Technical Implementation Guide
Date: 2015-06-16

Details

Check Text (C-23552r1_chk)
If remote administrative access to the database is disabled, this check is Not a Finding.

Review policy, procedures and implementation evidence of monitoring of remote administrative access to the database with the IAO or IAM.

If policy and procedures for monitoring remote administrative access do not exist or are not implemented, this is a Finding.
Fix Text (F-23480r1_fix)
Develop, document and implement policy and procedures to monitor remote DBA access to the DBMS.

The automated generation of a log report with automatic dissemination to the IAO and/or IAM may be used. Require and store an acknowledgement of receipt and confirmation of review for the log report.
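
One way the automated log report described in the Fix Text could be produced, as an added example that is not part of the STIG. The log lines are constructed, the error-log message layout is an assumption to adjust for your instance, and `DBA_LOGINS`, `remote_admin_events`, `build_report` and `acknowledgement` are hypothetical names; the report digest is what the stored acknowledgement refers to.

```python
import hashlib
import re

# Constructed sample lines in the style of SQL Server login-audit entries in the
# error log; the exact message layout is an assumption, adjust LOGIN_RE to match.
SAMPLE_LOG = """\
2015-06-16 02:14:07.31 Logon       Login succeeded for user 'sa'. Connection: non-trusted. [CLIENT: 10.20.30.40]
2015-06-16 02:15:10.02 Logon       Login succeeded for user 'CORP\\dba_jones'. Connection: trusted. [CLIENT: <local machine>]
2015-06-16 03:01:44.90 Logon       Login failed for user 'sa'. [CLIENT: 10.20.30.40]
2015-06-16 08:30:00.12 Logon       Login succeeded for user 'app_reader'. Connection: non-trusted. [CLIENT: 10.20.30.77]
2015-06-16 09:12:55.48 Logon       Login succeeded for user 'CORP\\dba_jones'. Connection: trusted. [CLIENT: 10.20.31.5]
"""

LOGIN_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+)\s+Logon\s+"
    r"Login (?P<result>succeeded|failed) for user '(?P<user>[^']+)'\."
    r".*\[CLIENT: (?P<client>[^\]]+)\]"
)
LOCAL_CLIENTS = {"<local machine>", "127.0.0.1", "::1"}
# Hypothetical list of administrative logins (lower case); in practice this
# would come from the instance's sysadmin role membership.
DBA_LOGINS = {"sa", "corp\\dba_jones"}

def remote_admin_events(log_text, dba_logins=DBA_LOGINS):
    """Return (timestamp, login, client, result) for DBA logins from remote clients."""
    events = []
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if not m:
            continue  # not a login-audit line
        if m["user"].lower() in dba_logins and m["client"] not in LOCAL_CLIENTS:
            events.append((m["ts"], m["user"], m["client"], m["result"]))
    return events

def build_report(events):
    """Render the report body and a SHA-256 digest that identifies this exact report."""
    body = "\n".join("%s  %-16s %-15s %s" % e for e in events)
    return body, hashlib.sha256(body.encode("utf-8")).hexdigest()

def acknowledgement(digest, reviewer, reviewed_at):
    """Record to store once the IAO/IAM confirms receipt and review of a report."""
    return {"report_sha256": digest, "reviewer": reviewer, "reviewed_at": reviewed_at}

if __name__ == "__main__":
    report, digest = build_report(remote_admin_events(SAMPLE_LOG))
    print(report)
    print("report sha256:", digest)
```
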