UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

SQL Server must support the requirement to activate an alarm and/or automatically shut down the information system if an application component failure is detected. This can include conducting a graceful application shutdown to avoid losing information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-40905 SQL2-00-023000 SV-53259r1_rule Medium
Description
Predictable failure prevention requires organizational planning to address system failure issues. If components key to maintaining system security fail to function, then SQL Server could continue operating in an insecure state. The organization must be prepared, and SQL Server and applications using SQL Server's databases must be configured to send an alarm for such conditions and/or automatically shut down SQL Server. If appropriate actions are not taken when application component failures occur, a denial of service condition may occur.
STIG Date
Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide 2014-06-23

Details

Check Text ( C-47560r2_chk )
Check SQL Server configuration to verify the system activates and alarms and/or triggers a system shutdown when an application component failure is detected.

If SQL Server does not take either or both actions, this is a finding.
Fix Text (F-46187r1_fix)
Configure SQL Server to activate an alarm and/or trigger a system shutdown when an application component failure is detected.