Skip to main content

๐Ÿ’ผ 4 Database Services

  • Contextual name: ๐Ÿ’ผ 4 Database Services
  • ID: /frameworks/cis-azure-v1.4.0/04
  • Located in: ๐Ÿ’ผ CIS Azure v1.4.0

Descriptionโ€‹

Empty...

Similarโ€‹

  • Internal
    • ID: dec-b-4064652f

Sub Sectionsโ€‹

SectionSub SectionsInternal RulesPoliciesFlags
๐Ÿ’ผ 4.1 SQL Server - Auditing3
    ๐Ÿ’ผ 4.1.1 Ensure that 'Auditing' is set to 'On' - Level 1 (Automated)11
    ๐Ÿ’ผ 4.1.2 Ensure that 'Data encryption' is set to 'On' on a SQL Database - Level 1 (Automated)
    ๐Ÿ’ผ 4.1.3 Ensure that 'Auditing' Retention is 'greater than 90 days' - Level 1 (Automated)11
๐Ÿ’ผ 4.2 SQL Server - Azure Defender for SQL5
    ๐Ÿ’ผ 4.2.1 Ensure that Advanced Threat Protection (ATP) on a SQL Server is Set to 'Enabled' - Level 2 (Automated)
    ๐Ÿ’ผ 4.2.2 Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account - Level 2 (Automated)
    ๐Ÿ’ผ 4.2.3 Ensure that VA setting 'Periodic recurring scans' to 'on' for each SQL server - Level 2 (Automated)
    ๐Ÿ’ผ 4.2.4 Ensure that VA setting 'Send scan reports to' is configured for a SQL server - Level 2 (Automated)
    ๐Ÿ’ผ 4.2.5 Ensure that Vulnerability Assessment Setting 'Also send email notifications to admins and subscription owners' is Set for Each SQL Server - Level 2 (Automated)
๐Ÿ’ผ 4.3 PostgreSQL Database Server8
    ๐Ÿ’ผ 4.3.1 Ensure 'Enforce SSL connection' is set to 'ENABLED' for PostgreSQL Database Server - Level 1 (Automated)11
    ๐Ÿ’ผ 4.3.2 Ensure Server Parameter 'log_checkpoints' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)11
    ๐Ÿ’ผ 4.3.3 Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)11
    ๐Ÿ’ผ 4.3.4 Ensure server parameter 'log_disconnections' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)11
    ๐Ÿ’ผ 4.3.5 Ensure server parameter 'connection_throttling' is set to 'ON' for PostgreSQL Database Server - Level 1 (Automated)11
    ๐Ÿ’ผ 4.3.6 Ensure server parameter 'log_retention_days' is greater than 3 days for PostgreSQL Database Server - Level 1 (Automated)11
    ๐Ÿ’ผ 4.3.7 Ensure 'Allow access to Azure services' for PostgreSQL Database Server is disabled - Level 1 (Manual)11
    ๐Ÿ’ผ 4.3.8 Ensure 'Infrastructure double encryption' for PostgreSQL Database Server is 'Enabled' - Level 1 (Automated)11
๐Ÿ’ผ 4.4 MySQL Database2
    ๐Ÿ’ผ 4.4.1 Ensure 'Enforce SSL connection' is set to 'Enabled' for Standard MySQL Database Server - Level 1 (Automated)11
    ๐Ÿ’ผ 4.4.2 Ensure 'TLS Version' is set to 'TLSV1.2' for MySQL flexible Database Server - Level 1 (Automated)11
๐Ÿ’ผ 4.5 Ensure that Azure Active Directory Admin is configured - Level 1 (Automated)11
๐Ÿ’ผ 4.6 Ensure SQL server's TDE protector is encrypted with Customer-managed key - Level 2 (Automated)11