From Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide
Part of SRG-APP-000233-DB-000124
Associated with: CCI-001084
Security functions are defined as "the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based".
Determine elements of security functionality (lists of permissions, additional authentication information, stored procedures, application specific auditing, etc.) which are being housed inside SQL server. For any elements found, check SQL Server to determine if these objects or code implementing security functionality are located in a separate security domain, such as a separate database or schema created specifically for security functionality. Run the following queryto list all the user-defined databases: SELECT Name FROM sys.databases WHERE database_id > 4 ORDER BY 1; If security-related database objects or code are not kept separate, this is a finding.
Locate security-related database objects and code in a separate database, schema, or other separate security domain from database objects and code implementing application logic.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer