Access Security Checks | CIS for SQL Server 2000 | CIS for SQL Server 2005 | CIS for SQL Server 2008 | CIS for SQL Server 2008 R2 | CIS for SQL Server 2012 | CIS for SQL Server 2014 | CIS for SQL Server 2016 | CIS for SQL Server 2017 | CIS for SQL Server 2019 | CIS for SQL Server 2022 | DISA-NIST STIG for SQL Server 2012 | DISA-NIST STIG for SQL Server 2014 | DISA-NIST STIG for SQL Server 2016 | European Union General Data Protection Regulation (GDPR) | HIPAA Guidelines for SQL Server | IDERA Level 1 - Basic Protection | IDERA Level 2 - Balanced Protection | IDERA Level 3 - Strong Protection | MS Best Practices Analyzer | NERC Critical Infrastructure Protection | PCI-DSS Guidelines for SQL Server | SNAC for SQL 2000 | SOX Section 404 | SRR Checklist for SQL Server 2000 | SRR Checklist for SQL Server 2005 or later |
|---|
Always Encrypted | Appropriate cryptographic modules have been used to encrypt data. | Assembly host policy | Backup Encryption (Native) | Backup Encryption (Non-Native) | Certificate private keys were never exported | Contained database authentication type | DAC Remote Access | Dangerous Extended Stored Procedures (XSPs) | Database Master Key encrypted by Service Master Key | Database Master Keys Encrypted by Password | Database roles and members | Dynamic Data Masking | Encryption Methods | Files On Drives Not Using NTFS | Fixed Roles Assigned To public Or guest | Guest User Enabled | Linked server is running as a member of sysadmin group | NTFS Folder Level Encryption | Operating System Version | Public role permissions | Remote Access | Required Administrative Accounts Do Not Exist | Row-Level Security | Server roles and members | Signed Objects | SQL Job permissions | SQL Jobs and Agent | SQL Server Browser Running | SQL Server database level encryption | Startup Stored Procedures | Startup Stored Procedures Enabled | Startup Stored Procedures permissions | Stored Procedures Encrypted | Symmetric key | Symmetric Keys Not Encrypted with a Certificate | Sysadmins Own Trustworthy Databases | Transparent Data Encryption | Unacceptable Database Ownership | User Defined Extended Stored Procedures (XSPs)
|
|---|
Ad Hoc Distributed Queries Enabled |
| X | X | X | X | X | X | X | X | X |
|
|
| X | X |
| X | X |
|
| X |
|
|
| X |
Common TCP Port Used | X | X | X | X | X | X | X | X | X | X |
|
|
|
| X |
| X | X |
| X | X | X |
|
| X |
Cross Database Ownership Chaining Enabled | X | X | X | X | X | X | X | X | X | X |
|
|
| X | X |
| X | X |
|
| X |
|
|
| X |
|
|
|
|
|
|
|
|
|
|
|
|
|
| X |
|
|
| X |
|
|
|
|
|
|
|
Integration Services Running | X | X | X |
|
|
|
|
|
|
|
|
|
|
| X |
| X | X |
|
| X |
|
|
|
|
Notification Services Running | X | X | X |
|
|
|
|
|
|
|
|
|
|
| X |
| X | X |
|
| X |
|
|
|
|
Reporting Services Running |
| X | X |
|
|
|
|
|
|
|
|
|
|
| X |
| X | X |
|
| X |
|
|
|
|
SQL Server Agent Running |
|
|
|
|
|
|
|
|
|
|
|
|
|
| X |
|
| X |
|
| X |
|
|
|
|
SQL Server Browser Running | X | X | X | X | X | X | X | X | X | X |
|
|
|
|
|
| X | X |
|
| X |
|
|
|
|
Unapproved Protocols | X | X | X | X | X | X | X | X | X | X |
|
|
|
| X |
| X | X |
| X | X | X |
|
| X |