UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

All use of privileged accounts must be audited.


Overview

Finding ID Version Rule ID IA Controls Severity
V-41042 SQL2-00-009700 SV-53417r3_rule Medium
Description
This is intended to limit exposure, by making it possible to trace any unauthorized access to other data or functionality by a privileged user account or role that has permissions on security functions or security-relevant information.
STIG Date
Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide 2015-12-21

Details

Check Text ( C-47659r3_chk )
Review auditing configuration. If it is possible for a privileged user/role to access non-security functions or information without having the action recorded in the audit log, this is a finding.
Fix Text (F-46341r2_fix)
Configure DBMS auditing so that all use of privileged accounts is recorded in the audit log.