Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects.

    <VulnDiscussion>Changes in the permissions, privileges, and roles granted to users and roles must be tracked. Without an audit trail, unautho...
    Rule Medium Severity
  • SRG-APP-000495-DB-000329

    <GroupDescription></GroupDescription>
    Group
  • SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur.

    &lt;VulnDiscussion&gt;Failed attempts to change the permissions, privileges, and roles granted to users and roles must be tracked. Without an audit...
    Rule Medium Severity
  • SRG-APP-000496-DB-000334

    <GroupDescription></GroupDescription>
    Group
  • SQL Server must generate Trace or Audit records when locally-defined security objects are modified.

    &lt;VulnDiscussion&gt;SQL Server protects its built-in security objects (tables, views, functions, procedures, etc.) from alteration by database us...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules