V-40951 – SQL Server 2012 Database Instance DISA STIGs

If you have any additional questions that aren’t addressed in the blog, feel free to contact me. I’d be more than happy to help you out!

V-40951

Title: “SQL Server must support the organizational requirement to employ automated mechanisms for enforcing access restrictions.”

Severity = Medium

Details = Obtain the SQL Server software library installation directory location.

V-40950 – SQL Server 2012 Database Instance DISA STIGs

V-40950

Title: “SQL Server must support the employment of automated mechanisms supporting the auditing of the enforcement actions.”

Severity = Medium

Details = Verify that Files and Folders that are part of the SQL Server 2012 Installation have auditing enabled.

Blog Stats – 2015

My first blog was posted in August of 2015. I didn’t think anyone would ever come to my site but that started to change the more I kept making posts.

Why Post Your Blog Stats?

To me, it’s pure motivation. I love numbers, stats, graphs, etc. So why not? I was a little hesitant to publish in the beginning because of how small my numbers were. It’s like the guy who just started going to lift weights at the gym and is embarrassed that he’s barely bench-pressing the bar next to guys benching 45s. Well, where did they start out? :) Everyone starts at the bottom and works their way up.

V-43196 – SQL Server 2012 Database Instance DISA STIGs

V-43196

Title: “Domain accounts used to manage a SQL Server platform must be different from those used to manage other platforms.”

Severity = Medium

Details = Determine the accounts being used to manage the SQL Server operating system. Determine whether the same accounts are being used to manage other platforms. If the same account is used to manage more than one platform, this is a finding.

SQL Server Backup Under the SIMPLE Recovery Model

I tend to forget how to do certain database administration tasks if I don’t do them often enough. No matter how *SIMPLE* they might be. :)

Recently at work I saw a production database server that was in the SIMPLE recovery model, that was scheduled for weekly FULL backups and daily DIFFERENTIAL backups. I was a little confused when I first saw this. I wondered, “I thought you cannot do FULL backups in SIMPLE recovery model?” So I checked out Books Online.

Book Review – “Securing SQL Server 3rd Edition” by Denny Cherry

Over the past few years I have been applying DISA STIGs on countless SQL Server environments and never had a “go to” single source that would answer all my SQL Server security-related questions. If not answer, at least guide me in the right direction. That’s why I was super excited when I heard Brent Ozar recommend a book called, “Securing SQL Server” by Denny Cherry on his new Office Hours podcast.

I wish I came across Denny Cherry’s “Securing SQL Server” book earlier, but I believe everything happens for a reason so I’m not going to complain.

Podcast Review – Office Hours with Brent Ozar Unlimited

It takes me roughly 45 minutes to get to work. I don’t like to listen to the radio. Last time I listened to the radio while driving I was blasting Pearl Jam, STP, Nirvana (yes, back in the 90s). Nowadays, I spend my driving time pondering about life, work, etc. How can I get better at work? How can I increase my knowledge of SQL Server? (Yes, I actually do think about that) What blogs, books, videos, podcasts are out there that I have not yet read/heard?

Office Hours Podcast

Luckily for me, Brent Ozar (b | t) has recently launched his “Office Hours” live webinar event as a podcast and it’s available on iTunes. I recently subscribed to it and binge listened to all the episodes over the course of two days. (Yes, I binge listened to a SQL Server podcast on my way to and from work. Don’t hate. :)

V-40948 – SQL Server 2012 Database Instance DISA STIGs

V-40948

Title: “Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be monitored to discover unauthorized changes.”

Severity = High

Details = Verify that files and folders that are part of, or related to, the SQL Server 2012 installation have only the appropriate privileges.

V-40945 – SQL Server 2012 Database Instance DISA STIGs

V-40945

Title: “Vendor-supported software and patches must be evaluated and patched against newly found vulnerabilities.”

Severity = High

Details = Check Microsoft’s list of supported SQL Server versions http://www.microsoft.com/sqlserver/en/us/support/support-updates.aspx

V-40941 – SQL Server 2012 Database Instance DISA STIGs

V-40941

Title: “SQL Server must have the SQL Server Data Tools (SSDT) software component removed from SQL Server if SSDT is unused.”

Severity = High

Details = Review the list of components and features installed with the database. Using an account with System Administrator privileges, from Command Prompt, open control.exe.

Pros & Cons of Following MCM & MVPs on Twitter

I follow over 80 people on Twitter. Over 30 of them are MVPs and/or MCMs.

That means when I wake up in the morning and scroll through my Twitter timeline…all I see are tweets to intellectual blog posts, discussions, #sqlhelp replies to tough questions, etc.

This is why following so many MCM and MVPs on Twitter (social media) is like a double-edged sword. Let’s start with the cons:

V-40932 – SQL Server 2012 Database Instance DISA STIGs

V-40932

Title: “SQL Server must recover to a known state that is verifiable.”

Severity = High

Details = Obtain the SQL Server recovery procedures and technical system features to determine if mechanisms exist and are in place to specify use of trusted files during SQL Server recovery.