Produced by Araxis Merge on 9/9/2019 5:41:22 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | Webvram-v4.zip\20190725-webvram-source.zip\Documents\20190204_FISMA_WebVRAM(Azure)_ScanResults | WebVRAM Database Scan Justifications.docx | Tue Jul 23 23:11:38 2019 UTC |
2 | Webvram-v4.zip\20190725-webvram-source.zip\Documents\20190204_FISMA_WebVRAM(Azure)_ScanResults | WebVRAM Database Scan Justifications.docx | Tue Sep 3 19:49:48 2019 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 1 | 60 |
Changed | 0 | 0 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | Database S can Justif ications f or WebVRAM | |
2 | ||
3 | Summary: d bmanager o r loginman ager datab ase role g ranted | |
4 | Finding De tail:Occur renceType: Finding R ole=loginm anager, Gr antee=VA-N SOC-DB-Sca n | |
5 | Justificat ion: User granted ro le per the database scan scrip t | |
6 | Resolution : We’ll re move the u ser from t he databas e. | |
7 | ||
8 | Summary: D atabase ro le privile ge assignm ent | |
9 | Finding De tail:Occur renceType: Finding | |
10 | Role Name= loginmanag er, Permis sion=SELEC T, Databas e=master, | |
11 | Object=sql _logins | |
12 | Justificat ion: Some users need to login to the dat abase | |
13 | Resolution : User’s g ranted the loginmana ger privil ege will b e document ed in the system sec urity plan . | |
14 | ||
15 | Summary: A pplication object ow nership | |
16 | Finding De tail:Occur renceType: Finding | |
17 | Schema=db_ owner, Dat abase=WebV RAM_PrePro d, | |
18 | Type=DATAB ASE_ROLE | |
19 | Justificat ion: none | |
20 | Resolution : The obje ct ownersh ip will be documente d in the s ystem secu rity plan AND a user will be c reated whi ch can rea d/write da ta but not own the o bjects. | |
21 | ||
22 | Summary: D BMS data d efinition language u se | |
23 | Finding De tail:Occur renceType: Finding | |
24 | Owner=db_o wner, Sche ma Name=se clyr, Obje ct | |
25 | Type=DEFAU LT_CONSTRA INT, Creat ion Date=2 /4/2019 4: 20:36 PM, | |
26 | Object Nam e=DF_Users _Completed RequestFor m | |
27 | Justificat ion: none | |
28 | Resolution : The obje ct ownersh ip will be documente d in the s ystem secu rity plan AND a user will be c reated whi ch can rea d/write da ta but not allowed t o change t he data de finitions. | |
29 | ||
30 |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.