UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

All applications that access the database should be logged in the audit trail.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3807 DG0052-SQLServer9 SV-24174r1_rule ECAT-1 ECAT-2 Medium
Description
Protections and privileges are designed within the database to correspond to access via authorized software. Use of unauthorized software to access the database could indicate an attempt to bypass established permissions. Reviewing the use of application software to the database can lead to discovery of unauthorized access attempts.
STIG Date
Microsoft SQL Server 2005 Instance Security Technical Implementation Guide 2015-06-16

Details

Check Text ( C-23493r1_chk )
Review the DBMS audit trail to determine if the names [or unique identifiers] of applications used to connect to the database are included.

If an alternate method other than DBMS logging is authorized and implemented, review the audit trail to determine if the names [or unique identifiers] of applications used to connect to the database are included.

If application access to the DBMS is not being audited, this is a Finding.

If auditing does not capture the name [or unique identifier] of applications accessing the DBMS at a minimum, this is a Finding.
Fix Text (F-20269r1_fix)
Modify auditing to ensure audit records include identification of applications used to access the DBMS.

Ensure auditing captures the name [or unique identifier] of applications accessing the DBMS at a minimum.

Develop or procure a 3rd-party solution where native DBMS logging is not employed or does not capture required information.