Improving Web Application Security: Threats and Countermeasures
| Check | Description |
|---|---|
| [ ] | A strong sa password is used (for all accounts). |
| [ ] | SQL Server guest user accounts are removed. |
| [ ] | BUILTIN\Administrators server login is removed. |
| [ ] | Permissions are not granted for the public role. |
| [ ] | Members of the sysadmin fixed server role are limited (ideally, no more than two users). |
| [ ] | Restricted database permissions are granted. Use of built-in roles, such as db_datareader and db_datawriter, is avoided because they provide limited authorization granularity. |
| [ ] | Default permissions that are applied to SQL Server objects are not altered. |
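The checklist above can be audited rather than ticked by eye. The following T-SQL is an added example, not part of the original checklist or of Microsoft's guidance; it assumes SQL Server 2005 or later (the `sys.*` catalog views) and a sysadmin-level connection. Server-level queries run against `master`; the database-level queries run against whichever database is current, so repeat them for each user database. Every row returned is a finding to review against the corresponding checklist item.

```sql
-- Added audit script (not from the original checklist). Run with sysadmin rights.

-- 1. sa account: report whether it is enabled, and find any SQL login with a blank password.
SELECT name, is_disabled
FROM sys.server_principals
WHERE sid = 0x01;                        -- sid 0x01 is always the sa account, even if renamed

SELECT name
FROM sys.sql_logins
WHERE PWDCOMPARE('', password_hash) = 1; -- any row is a login whose password is empty

-- 2. BUILTIN\Administrators should not exist as a server login.
SELECT name
FROM sys.server_principals
WHERE name = 'BUILTIN\Administrators';

-- 3. sysadmin membership: the checklist expects no more than two members.
SELECT m.name AS member_name, m.type_desc
FROM sys.server_role_members rm
JOIN sys.server_principals r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals m ON m.principal_id = rm.member_principal_id
WHERE r.name = 'sysadmin';

-- 4. guest user in the current database: guest cannot be dropped, so "removed" means
--    CONNECT has been revoked. A row here means guest can still connect.
SELECT p.name, dp.permission_name, dp.state_desc
FROM sys.database_principals p
JOIN sys.database_permissions dp ON dp.grantee_principal_id = p.principal_id
WHERE p.name = 'guest'
  AND dp.permission_name = 'CONNECT'
  AND dp.state_desc = 'GRANT';

-- 5. Explicit grants to public in the current database. System objects ship with their
--    own grants to public, so those are filtered out via is_ms_shipped; anything left
--    is a permission someone added.
SELECT dp.class_desc,
       OBJECT_NAME(dp.major_id) AS object_name,   -- NULL for non-object classes
       dp.permission_name,
       dp.state_desc
FROM sys.database_permissions dp
JOIN sys.database_principals pr ON pr.principal_id = dp.grantee_principal_id
LEFT JOIN sys.objects o ON o.object_id = dp.major_id AND dp.class = 1
WHERE pr.name = 'public'
  AND dp.state_desc IN ('GRANT', 'GRANT_WITH_GRANT_OPTION')
  AND ISNULL(o.is_ms_shipped, 0) = 0;

-- 6. Members of the coarse built-in roles the checklist says to avoid; each member should
--    instead hold narrowly scoped grants on the specific objects it needs.
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members drm
JOIN sys.database_principals r ON r.principal_id = drm.role_principal_id
JOIN sys.database_principals m ON m.principal_id = drm.member_principal_id
WHERE r.name IN ('db_datareader', 'db_datawriter');
```

The last checklist item (default object permissions unaltered) has no single catalog query; compare the output of query 5 against a freshly created database of the same SQL Server version to spot changes. Note that check 4 reflects how `guest` actually works: it exists in every database and is disabled with `REVOKE CONNECT FROM guest`, which is what the "removed" wording amounts to in practice.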