Solved

SQL 2012 STIGS

Posted on 2014-12-18
3
66 Views
Last Modified: 2015-12-30
I wanted to know if anyone has existing scripts that lockdown a 2012 SQL server with 2012 STIGS?
0
Comment
Question by:sarafara1
3 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40508623
The more  easier approach is using various means of script since various SQL components are involved and manual verification rather than one script as to lockdown specific to the STIG or any other benchmark. It is not straightforward, to align just to a standard and required some manual mapping on script lockdown and field of interest to STIG. Here is one good reference covering various component which I believe can be fulfiling the lockdown though not necessarily all STIG req. e.g. http://www.derekseaman.com/2010/07/automate-and-secure-your-sql-2008-r2.html

Consider using MS SQL has  best practice analyser https://labs.portcullis.co.uk/blog/ms-sql-server-audit-introduction/ that listed various areas but most of the surfaced area may not necessary be script easily.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question