Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
MS SQL Server 2016 Instance Security Technical Implementation Guide
SRG-APP-000508-DB-000358
SQL Server must generate audit records for all direct access to the database(s).
SQL Server must generate audit records for all direct access to the database(s).
An XCCDF Rule
Details
Profiles
Prose
SQL Server must generate audit records for all direct access to the database(s).
Medium Severity
<VulnDiscussion>In this context, direct access is any query, command, or call to SQL Server that comes from any source other than the application(s) that it supports. Examples would be the command line or a database management utility program. The intent is to capture all activity from administrative and non-standard sources.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>