Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-234076 | TANS-DB-000006 | SV-234076r612749_rule | Medium |
Description |
---|
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organizational personnel when atypical database queries or accesses occur. |
STIG | Date |
---|---|
Tanium 7.3 Security Technical Implementation Guide | 2021-12-20 |
Check Text ( C-37261r610728_chk ) |
---|
Access the Tanium Server interactively. Log on to the server with an account that has administrative privileges. Navigate to Program Files >> Tanium >> Tanium Server. If any SQL stored queries (.sql files) or procedures are found, this is a finding. |
Fix Text (F-37226r610729_fix) |
---|
Access the Tanium Server interactively. Log on to the server with an account that has administrative privileges. Navigate to Program Files >> Tanium >> Tanium Server. Remove the SQL stored queries (.sql files) or procedures from the folder. |