Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-78655 | TANS-DB-000006 | SV-93361r1_rule | Medium |
Description |
---|
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organizational personnel when atypical database queries or accesses occur. |
STIG | Date |
---|---|
Tanium 7.0 Security Technical Implementation Guide | 2018-07-09 |
Check Text ( C-78225r1_chk ) |
---|
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Navigate to Program Files >> Tanium >> Tanium Server. If any SQL stored queries (.sql files) or procedures are found, this is a finding. |
Fix Text (F-85391r1_fix) |
---|
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Navigate to Program Files >> Tanium >> Tanium Server. Remove the SQL stored queries (.sql files) or procedures from the folder. |