Download
| Alert*
CCE-19244-3
Named Pipes network protocol should be configured appropriately. CCE-19741-8 The port which Sql Server Analysis Services uses should be configured appropriately. CCE-19557-8 Application object owner accounts for a specified database should be enabled or disabled as appropriate. CCE-19455-5 Ad Hoc distributed queries should be configured appropriately CCE-19662-6 Reporting Services Windows Integrated Security accounts should be configured appropriately CCE-19990-1 The built-in 'sa' account should be correctly named. CCE-19805-1 "Disallow adhoc access" for linked servers should be configured appropriately CCE-19613-9 Object permissions assigned to PUBLIC or GUEST for a specified database should be configured appropriately. CCE-19866-3 The SQL Mail XPs should be enabled or disabled as appropriate. CCE-19862-2 Access to DBMS software files and directories should be configured appropriately. CCE-19173-4 Permissions on system tables for a specified database should be configured appropriately CCE-19703-8 The Integration Services account should be configured appropriately. CCE-19787-1 DBMS settings to clear residual data from memory, data objects or files, or other storage locations should be configured appropriately. CCE-19511-5 Access to the FullTextDefaultPath directory should be audited or not audited as appropriate. CCE-19779-8 Access to the WorkingDirectory directory should be audited or not audited as appropriate. CCE-20011-3 Access to the ErrorLogFile should be audited or not audited as appropriate. CCE-19839-0 Access to SQL Server Agent CmdExec should be configured appropriately. CCE-19873-9 Access to the WorkingDirectory directory should be audited or not audited as appropriate. CCE-20019-6 Protection of symmetric keys for a specified database should be configured appropriately CCE-19561-0 Replication snapshot folders should be configured appropriately. CCE-19858-0 The Analysis Services server role should be configured appropriately CCE-19877-0 Required auditing parameters for database auditing should be set appropriately CCE-19896-0 Access extended stored procedure xp_cmdshell should be configured appropriately CCE-19771-5 Error log retention should be configured appropriately. CCE-19922-4 Storage of the database master key password for a speicifed database should be configured appropriately. CCE-19964-6 Analysis Services Links From Objects should be enabled or disabled as appropriate. CCE-19756-6 Command Language Runtime objects should be configured appropriately CCE-19494-4 The SQL Server MSSearch registry key permissions should be configured appropriately. CCE-19974-5 Analysis Services database roles should be configured appropriately for a specified server. CCE-19744-2 SQL Server Agent proxies should be configured appropriately. CCE-19808-5 C2 Audit records should be configured appropriately CCE-19827-5 Auditing attempts to bypass access controls should be configured appropriately. CCE-19320-1 Access to ActiveScripting jobs should be configured appropriately. CCE-19842-4 DBMS account passwords expiration should be configured appropriately CCE-19418-3 The Full Text Search account should be configured appropriately. CCE-19800-2 Reporting Services Web service requests and HTTP should be configured appropriately CCE-19172-6 OLE Automation extended stored procedures should configured appropriately. CCE-19936-4 SQL Server authentication should be configured appropriately. CCE-19577-6 The Database Mail XPs should be enabled or disabled as appropriate. CCE-19786-3 Remote access should be configured appropriately CCE-19959-6 Access to the DataDir directory should be audited or not audited as appropriate. CCE-19748-3 Access to the SQLPath directory should be audited or not audited as appropriate. CCE-20033-7 The Notification Services account should be configured appropriately. CCE-19528-9 Application object owner accounts for a specified database should be configured appropriately. CCE-19298-9 Analysis Services Anonymous Connections should be configured appropriately CCE-20018-8 Access to registry exended stored procedures should be configured appropriately. CCE-19676-6 Access to the ErrorDumpDir should be audited or not audited as appropriate. CCE-19876-2 Analysis Services Security Package List should be configured appropriately CCE-19853-1 Ownership of the asymmetric keys should be configured appropriately CCE-19237-7 Trace rollover should be configured appropriately. CCE-19872-1 Default demonstration and sample database objects and applications should be available or removed as appropriate. CCE-19967-9 The xp_cmdshell should be enabled or disabled as appropriate. CCE-19778-0 DBMS privileges to restore database data or other DBMS configurations, features or objects in a specified database should be configured appropriately. CCE-19891-1 The ports which the DBMS uses should be configured appropriately. CCE-19358-1 Database application permissions allowing DDL statements to modify the application schema for a specified database should be configured appropriately. CCE-19944-8 The SMO and DMO XPs options should be configured appropriately CCE-19453-0 Remote DBMS administration should be enabled or disabled as appropriate. CCE-19789-7 Permissions using the WITH GRANT OPTION for a specified database should be configured appropriately CCE-19302-9 The SQL Server Active Directory Helper account should be configured appropriately. CCE-19950-5 The default audit trace option should be configured appropriately. CCE-20001-4 Access to the SQLBinRoot directory should be audited or not audited as appropriate. CCE-19868-9 The permissions of the SQL Server Agent proxy accounts should be configured appropriately. CCE-19664-2 Analysis Services user-defined COM functions should be configured appropriately CCE-19080-1 Access to the SQLPath directory should be audited or not audited as appropriate. CCE-19762-4 Access to the SQLPath directory should be audited or not audited as appropriate. CCE-19325-0 The SQLServerADHelperUser registry key permissions should be configured appropriately. CCE-19785-5 SQL Server Agent Email should be configured appropriately CCE-19916-6 Access to the SQLProgramDir directory should be audited or not audited as appropriate. CCE-20032-9 Analysis Services Links to Objects is should be configured appropriately CCE-19962-0 Access to the DefaultLog file should be audited or not audited as appropriate. CCE-19336-7 Access to the SQLDataRoot directory should be audited or not audited as appropriate. CCE-19879-6 The SQL Server Agent account should be configured appropriately. CCE-19484-5 The db_owner role members for a specified replication database should be configured appropriately. CCE-19837-4 Access to the SQLBinRoot directory should be audited or not audited as appropriate. CCE-19852-3 The SQLServer2005ReportServerUser registry key permissions should be configured appropriately. CCE-19947-1 DBMS login account password complexity requirements should be configured appropriately CCE-19640-2 The SQL Server Database Service account should be configured appropriately. CCE-20000-6 SQL Server event forwarding should be configured appropriately CCE-19976-0 The "scan for startup procs" setting should be enabled or disabled as appropriate. CCE-19802-8 The Reporting Services account should be configured appropriately. CCE-19159-3 DDL permissions for a specified database and specified account should be configured appropriately CCE-19439-9 Passwords for DBMS default accounts should be set appropriately CCE-19575-0 Access to the SQLProgramDir directory should be audited or not audited as appropriate. CCE-19844-0 Reporting Services scheduled events and report delivery should be enabled or disabled as appropriate. CCE-19727-7 Fixed server roll membership should be configured appropriately. CCE-19882-0 Database TRUSTWORTHY status for a specific database should be configured appropriately CCE-19972-9 Custom and GOTS application source code for a specified databased should be encrypted or not encrypted as appropriate. CCE-19552-9 The Agent XPs options should be configured appropriately CCE-19571-9 Access to manage the database master key for a specified database should be configured appropriately. CCE-19965-3 The Web Assistant procedures configuration option should be configured appropriately CCE-19443-1 Access to Analysis Services data sources should be configured appropriately. CCE-19923-2 The SQL Writer account should be configured appropriately. CCE-19318-5 The SQL Server Browser account should be configured appropriately. CCE-19670-9 The Database Master Key for the specified database should be encrypted appropriately. CCE-19813-5 Audit records contents should be configured appropriately. CCE-19859-8 Analysis Services Required Protection Levels should be configured appropriately CCE-19878-8 Encryption of the asymmetric keys should be configured appropriately CCE-19817-6 Access to the BackupDirectory directory should be audited or not audited as appropriate. CCE-19897-8 Ad hoc data mining queries configuration option should be configured appropriately CCE-19254-2 The SQL Server Agent registry key permissions should be configured appropriately. CCE-19832-5 The Database Master key encryption password for a specified database should be configured appropriately CCE-19893-7 XML Web Services endpoints should be configured appropriately CCE-19148-6 Auditing of unauthorized access to the asymmetric keys should be configured appropriately CCE-19560-2 The Analysis Services account should be configured appropriately. CCE-19356-5 Access extended stored procedure xp_cmdshell should be configured appropriately CCE-19738-4 The SQL Server Service for a specified instance should be configure appropriately. CCE-19776-4 The SQL Server RS registry key permissions should be configured appropriately. |