From MS SQL Server 2016 Instance Security Technical Implementation Guide
Part of SRG-APP-000231-DB-000154
Associated with: CCI-001199
Backup and recovery of the Master Key may be critical to the complete recovery of the database. Not having this key can lead to loss of data during recovery.
If the application owner and Authorizing Official have determined that encryption of data at rest is not required, this is not a finding. Review procedures for, and evidence of backup of, the Master Key in the System Security Plan. If the procedures or evidence does not exist, this is a finding. If the procedures do not indicate offline and off-site storage of the Master Key, this is a finding. If procedures do not indicate access restrictions to the Master Key backup, this is a finding.
Document and implement procedures to safely back up and store the Master Key. Include in the procedures methods to establish evidence of backup and storage, and careful, restricted access and restoration of the Master Key. Also, include provisions to store the key off-site. BACKUP MASTER KEY TO FILE = 'path_to_file' ENCRYPTION BY PASSWORD = 'password'; As this requires a password, take care to ensure it is not exposed to unauthorized persons or stored as plain text.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer