An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Open sidebar
Navigate
Top
Search
Checks (
101
)
Print
Changes
Pages (
7/7
)
MS SQL Server 2016 Instance STIG
MS SQL Server 2016 Instance Security Technical Implementation Guide
v3 r3 (Released Jan. 30, 2025)
v3 r2 (Released Oct. 24, 2024)
v3 r1 (Released July 24, 2024)
v2 r12 (Released April 24, 2024)
v2 r11 (Released Jan. 24, 2024)
v2 r10 (Released July 27, 2023)
v2 r9 (Released April 27, 2023)
v2 r8 (Released Oct. 26, 2022)
v2 r7 (Released April 27, 2022)
v2 r6 (Released Jan. 27, 2022)
v2 r5 (Released Oct. 27, 2021)
v2 r4 (Released July 23, 2021)
v2 r3 (Released April 23, 2021)
v2 r2 (Released Jan. 22, 2021)
v2 r1 (Released Oct. 23, 2020)
v1 r10 (Released July 24, 2020)
v1 r9 (Released April 24, 2020)
v1 r8 (Released Jan. 24, 2020)
v1 r7 (Released Oct. 25, 2019)
v1 r6 (Released July 26, 2019)
v1 r5 (Released April 26, 2019)
v1 r4 (Released Jan. 25, 2019)
v1 r3 (Released Oct. 26, 2018)
v1 r2 (Released July 27, 2018)
v1 r1 (Released March 9, 2018)
ID
Vuln ID
Title
Cat
Status
SQL6-D0-017200
V-214037
Remote Access feature must be disabled, unless specifically required and approved.
Cat II
SQL6-D0-017400
V-214038
Hadoop Connectivity feature must be disabled, unless specifically required and approved.
Cat II
SQL6-D0-017500
V-214039
Allow Polybase Export feature must be disabled, unless specifically required and approved.
Cat II
SQL6-D0-017600
V-214040
Remote Data Archive feature must be disabled, unless specifically required and approved.
Cat II
SQL6-D0-017700
V-214041
SQL Server External Scripts Enabled feature must be disabled, unless specifically required and approved.
Cat II
SQL6-D0-017800
V-214042
The SQL Server Browser service must be disabled unless specifically required and approved.
Cat III
SQL6-D0-017900
V-214043
SQL Server Replication Xps feature must be disabled, unless specifically required and approved.
Cat II
SQL6-D0-018000
V-214044
If the SQL Server Browser Service is specifically required and approved, SQL instances must be hidden.
Cat III
SQL6-D0-018100
V-214045
When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.
Cat I
SQL6-D0-018200
V-214046
Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Cat I
SQL6-D0-018300
V-265870
Microsoft SQL Server products must be a version supported by the vendor.
Cat I
Prev
1...
3
4
5
6
7
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.