Failure to a known secure state helps prevent a loss of confidentiality. In the event of a system failure, hardware loss or disk failure, SQL Server must be able to restore necessary databases with least disruption to mission processes.įailure to a known state can address safety or security in accordance with the mission/business needs of the organization. SQL Server must protect against a user falsely repudiating by ensuring databases are not in a trust relationship.
Examples of particular actions taken by individuals include creating information, sending a message, approving. Non-repudiation of actions taken is required in order to maintain data integrity. SQL Server must protect against a user falsely repudiating by ensuring only clearly unique Active Directory user accounts can connect to the database. To mitigate the risk of unauthorized access to sensitive information by entities. SQL Server must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.Īuthentication with a DoD-approved PKI certificate does not necessarily imply authorization to access SQL Server. Findings (MAC I - Mission Critical Sensitive) Finding ID
