Checks (101)
Pages (3/7)
MS SQL Server 2016 Instance STIG
MS SQL Server 2016 Instance Security Technical Implementation Guide
v3 r3 (Released Jan. 30, 2025)
v3 r2 (Released Oct. 24, 2024)
v3 r1 (Released July 24, 2024)
v2 r12 (Released April 24, 2024)
v2 r11 (Released Jan. 24, 2024)
v2 r10 (Released July 27, 2023)
v2 r9 (Released April 27, 2023)
v2 r8 (Released Oct. 26, 2022)
v2 r7 (Released April 27, 2022)
v2 r6 (Released Jan. 27, 2022)
v2 r5 (Released Oct. 27, 2021)
v2 r4 (Released July 23, 2021)
v2 r3 (Released April 23, 2021)
v2 r2 (Released Jan. 22, 2021)
v2 r1 (Released Oct. 23, 2020)
v1 r10 (Released July 24, 2020)
v1 r9 (Released April 24, 2020)
v1 r8 (Released Jan. 24, 2020)
v1 r7 (Released Oct. 25, 2019)
v1 r6 (Released July 26, 2019)
v1 r5 (Released April 26, 2019)
v1 r4 (Released Jan. 25, 2019)
v1 r3 (Released Oct. 26, 2018)
v1 r2 (Released July 27, 2018)
v1 r1 (Released March 9, 2018)
| ID | Vuln ID | Title | Cat | Status |
|---|---|---|---|---|
| SQL6-D0-007900 | V-213964 | If DBMS authentication using passwords is employed, SQL Server must enforce the DOD standards for password complexity and lifetime. | Cat I | |
| SQL6-D0-008000 | V-213965 | Contained databases must use Windows principals. | Cat II | |
| SQL6-D0-008200 | V-213966 | If passwords are used for authentication, SQL Server must transmit only encrypted representations of passwords. | Cat I | |
| SQL6-D0-008300 | V-213967 | Confidentiality of information during transmission is controlled through the use of an approved TLS version. | Cat I | |
| SQL6-D0-008400 | V-213968 | SQL Server must enforce authorized access to all PKI private keys stored/utilized by SQL Server. | Cat I | |
| SQL6-D0-008700 | V-213969 | SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | Cat I | |
| SQL6-D0-008800 | V-213970 | SQL Server must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users). | Cat II | |
| SQL6-D0-009200 | V-213971 | SQL Server must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values. | Cat II | |
| SQL6-D0-009500 | V-213972 | SQL Server must protect the confidentiality and integrity of all information at rest. | Cat I | |
| SQL6-D0-009600 | V-213973 | The Service Master Key must be backed up and stored in a secure location that is not on the SQL Server. | Cat II | |
| SQL6-D0-009700 | V-213974 | The Master Key must be backed up and stored in a secure location that is not on the SQL Server. | Cat II | |
| SQL6-D0-009800 | V-213975 | SQL Server must prevent unauthorized and unintended information transfer via shared system resources. | Cat II | |
| SQL6-D0-009900 | V-213976 | SQL Server must prevent unauthorized and unintended information transfer via Instant File Initialization (IFI). | Cat II | |
| SQL6-D0-010000 | V-213977 | Access to database files must be limited to relevant processes and to authorized, administrative users. | Cat II | |
| SQL6-D0-010100 | V-213978 | SQL Server must reveal detailed error messages only to documented and approved individuals or roles. | Cat II | |