Product:
BigFix Compliance
Title:
Updated CIS Checklist for MSSQL Server with bug fixes
Published Sites:
CIS Checklist for MS SQL Server 2012 DB Engine, site version 10
CIS Checklist for MS SQL Server 2014, site version 3
CIS Checklist for MS SQL Server 2016, site version 9
CIS Checklist for MS SQL Server 2017, site version 7
(The site version is provided for air-gap customers.)
Details:
- Fixed and Improved implementation for the following check to avoid failure when any databases are offline or any special characters in database name
- 3.2 - Ensure CONNECT permissions on the ‘guest user’ is Revoked within all SQL Server databases excluding the master, msdb and tempdb
- 7.1 - Ensure ‘Symmetric Key encryption algorithm’ is set to ‘AES_128’ or higher in non-system databases
- 7.2 - Ensure Asymmetric Key Size is set to ‘greater than or equal to 2048’ in non-system databases
Actions to take:
- To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product, and you must be using BigFix version 9.2 and later.
- If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://help.hcltechsw.com/bigfix/10.0/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html
More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:
- BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance - BigFix Compliance SCM Checklists:
https://bigfix-wiki.hcltechsw.com/wikis/home?lang=enus#!/wiki/BigFix%20Wiki/page/SCM%20Checklists
We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team