Details

By default, Microsoft SQL Server enables participation in the customer experience improvement program (CEIP). This program collects information about how its customers are using the product. Specifically, SQL Server collects information about the installation experience, feature usage, and performance. This information helps Microsoft improve the product to better meet customer needs.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

To disable participation in the CEIP program, change the value of the following registry keys to zero (0).

To enable participation in the CEIP program, change the value of the following registry keys to one (1).

HKEY_LOCAL_MACHINESoftwareMicrosoftMicrosoft SQL Server[InstanceId]CPECustomerFeedback
HKEY_LOCAL_MACHINESoftwareMicrosoftMicrosoft SQL Server[InstanceId]CPEEnableErrorReporting
HKEY_LOCAL_MACHINESoftwareMicrosoftMicrosoft SQL Server130CustomerFeedback
HKEY_LOCAL_MACHINESoftwareMicrosoftMicrosoft SQL Server130EnableErrorReporting

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_SQL_Server_2016_Y22M01_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-6b.
• CAT|II
• CCI|CCI-000366
• Rule-ID|SV-214026r754671_rule
• STIG-ID|SQL6-D0-016000
• STIG-Legacy|SV-94019
• STIG-Legacy|V-79313
• Vuln-ID|V-214026

Source

• Tenable.com/audits