Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-40925 | SQL2-00-018300 | SV-53279r2_rule | Medium |
Description |
---|
SQL Server backups are a critical step in maintaining data assurance and availability. System-level information includes system-state information, operating system and application software, and licenses. Backups shall be consistent with organization-defined recovery time and recovery point objectives. SQL Server depends upon the availability and integrity of its software libraries. Without backups, compromise or loss of the software libraries can prevent a successful recovery of SQL Server operations. A mixture of full and incremental server-level backups by a third-party tool that backs up those software library directories would satisfy this requirement. |
STIG | Date |
---|---|
Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide | 2017-12-01 |
Check Text ( C-47580r1_chk ) |
---|
Review evidence of inclusion of SQL Server software libraries in current backup records. If the backup tool does not include SQL Server, this is a finding. |
Fix Text (F-46207r1_fix) |
---|
Ensure inclusion of all SQL Server software libraries into the backup process. |