U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

CIS SQL Server 2000 Benchmark v1.0.0 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Microsoft SQL Server 2000 cpe:/a:microsoft:sql_server:2000 (View CVEs)

Checklist Highlights

Checklist Name:
CIS SQL Server 2000 Benchmark
Checklist ID:
16
Version:
v1.0.0
Type:
Compliance
Review Status:
Archived
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
11/30/2005

Checklist Summary:

This document is derived from research conducted utilizing the SQL Server 2000 environment on Windows 2000 servers and desktops and Windows 2003 servers. This document provides the necessary settings and procedures for the secure installation, setup, configuration, and operation of an MS SQL Server 2000 system. With the use of the settings and procedures in this document, an SQL Server 2000 database may be secured from conventional �¢??out of the box�¢?� threats. Recognizing the nature of security cannot and should not be limited to only the application the scope of this document is not limited to only SQL Server 2000 specific settings or configurations, but also addresses backups, archive logs, �¢??best practices�¢?� processes and procedures that are applicable to general software and hardware security.

Checklist Role:

  • Database Server

Known Issues:

Proper use of the Recommendations requires careful analysis and adaptation to specific user requirements. The Recommendations are not in any way intended to be a quick fix for anyone�¢??s information security needs. It is extremely important to conduct testing of security configurations on non-production systems prior to implementing them on production systems.

Target Audience:

Database System Administrators

Target Operational Environment:

  • Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Refer to Known Issues.

Disclaimer:

Differs for Public and Private consumers, please read disclaimer information from the CIS web site located at: http://www.cisecurity.org/sub_form.html

Product Support:

Not provided.

Point of Contact:

windows-feedback@lists.cisecurity.org

Sponsor:

Not provided.

Licensing:

Differs for Public and Private consumers, please read licensing information from the CIS web site located athttp://www.cisecurity.org/sub_form.html

Change History: 

Updated URL - 7/26/19
Archive - 8/31/23

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 08/31/2023