Overview

This guide walks through remotely scanning a domain-joined Microsoft SQL Database using the CIS-CAT Pro Assessor v4 GUI. If the Database is not domain-joined, please see this guide: https://cisecurity.atlassian.net/l/cp/cgtfNpKt

Requirements

  • Windows target machine hosting the SQL server is domain-joined

  • SQL Authentication Mode is set to Mixed Mode (SQL and Windows Authentication)

  • User conducting scan has sysadmin permissions

Implementation Steps

Open the GUI

Select Advanced → Add remote or local target system

...

Once the options are configured to your liking, select next and the scan will begin.

Troubleshooting Steps

If the scan is unsuccessful, check the SQL logs for a 'Login failed for user' message that matches the username in your JDBC string. Here's a way to get SQL logs: https://docs.microsoft.com/en-us/sql/relational-databases/performance/view-the-sql-server-error-log-sql-server-management-studio?view=sql-server-ver15
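One way to automate the log check described above, as an added example that is not part of the original guide or of CIS-CAT: it pairs each 'Login failed for user' line with the error 18456 state logged just before it, since the state separates a wrong password from an instance that is not in Mixed Mode. The login name cis_scan, the client addresses and the sample log lines are constructed for illustration.

```python
import re

# Subset of Microsoft's documented error 18456 state codes relevant to a scan login.
STATE_HINTS = {
    5: "login name does not exist on the instance",
    6: "Windows account name was sent with SQL Server authentication",
    7: "login is disabled and the password is incorrect",
    8: "password is incorrect",
    58: "instance allows Windows authentication only (Mixed Mode is off)",
}
ERROR_RE = re.compile(r"^\S+ \S+\s+Logon\s+Error: 18456, Severity: \d+, State: (\d+)\.")
LOGIN_RE = re.compile(r"^(\S+ \S+)\s+Logon\s+Login failed for user '([^']*)'\.(.*)$")
CLIENT_RE = re.compile(r"\[CLIENT: ([^\]]+)\]")

# Constructed sample in the layout of the SQL Server error log.
SAMPLE_LOG = """\
2024-03-05 10:14:40.10 Logon       Error: 18456, Severity: 14, State: 58.
2024-03-05 10:14:40.10 Logon       Login failed for user 'cis_scan'. Reason: An attempt to login using SQL authentication failed. Server is configured for Windows authentication only. [CLIENT: 10.0.0.25]
2024-03-05 10:15:02.41 Logon       Error: 18456, Severity: 14, State: 5.
2024-03-05 10:15:02.41 Logon       Login failed for user 'other_app'. Reason: Could not find a login matching the name provided. [CLIENT: 10.0.0.31]
2024-03-05 10:16:11.87 Logon       Error: 18456, Severity: 14, State: 8.
2024-03-05 10:16:11.87 Logon       Login failed for user 'cis_scan'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.25]
"""


def failed_logins(lines, username):
    """Return login failures for `username` (case-insensitive) with their 18456 state."""
    results, pending_state = [], None
    for raw in lines:
        line = raw.strip()
        err = ERROR_RE.match(line)
        if err:
            pending_state = int(err.group(1))  # state belongs to the next failure line
            continue
        login = LOGIN_RE.match(line)
        if not login:
            continue
        state, pending_state = pending_state, None
        if login.group(2).lower() != username.lower():
            continue
        client = CLIENT_RE.search(login.group(3))
        results.append({
            "time": login.group(1),
            "state": state,
            "hint": STATE_HINTS.get(state, "see Microsoft's 18456 state table"),
            "client": client.group(1) if client else None,
        })
    return results


if __name__ == "__main__":
    for hit in failed_logins(SAMPLE_LOG.splitlines(), "cis_scan"):
        print(hit["time"], "state", hit["state"], "-", hit["hint"], "from", hit["client"])
```

A state 58 result points back to the Mixed Mode requirement, while state 5 or 8 points to the credentials in the JDBC string.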

...