SQL stored queries or procedures installed during Tanium installation must be removed from the Tanium Server.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-78655	TANS-DB-000006	SV-93361r1_rule		Medium

Description
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organizational personnel when atypical database queries or accesses occur.

Description

Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organizational personnel when atypical database queries or accesses occur.

STIG	Date
Tanium 7.0 Security Technical Implementation Guide	2018-07-09

Details

Check Text ( C-78225r1_chk )
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Navigate to Program Files >> Tanium >> Tanium Server. If any SQL stored queries (.sql files) or procedures are found, this is a finding.

Fix Text (F-85391r1_fix)
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Navigate to Program Files >> Tanium >> Tanium Server. Remove the SQL stored queries (.sql files) or procedures from the folder.