Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SQL 2012 STIGS

Posted on 2014-12-18
3
Medium Priority
?
98 Views
Last Modified: 2015-12-30
I wanted to know if anyone has existing scripts that lockdown a 2012 SQL server with 2012 STIGS?
0
Comment
Question by:sarafara1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 40508623
The more  easier approach is using various means of script since various SQL components are involved and manual verification rather than one script as to lockdown specific to the STIG or any other benchmark. It is not straightforward, to align just to a standard and required some manual mapping on script lockdown and field of interest to STIG. Here is one good reference covering various component which I believe can be fulfiling the lockdown though not necessarily all STIG req. e.g. http://www.derekseaman.com/2010/07/automate-and-secure-your-sql-2008-r2.html

Consider using MS SQL has  best practice analyser https://labs.portcullis.co.uk/blog/ms-sql-server-audit-introduction/ that listed various areas but most of the surfaced area may not necessary be script easily.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question