Security Readiness Reviews (SRR) SQL Server Database


Cinteot is pleased to offer a course in the hardening of SQL Server Database configuration and applications via the US Department of Defense (DoD) Security Technical Implementation Guides (STIGs). Our Security Readiness Review (SRR) course is a 5-day (40-hour) class that will focus on SQL Server Databases.

Class Structure:

Our course is taught by an experienced, DISA RCP Certified Reviewer and focuses on the implementation of the STIGs as provided by the US Department of Defense. STIGs set the standard for information security within the DoD.

Cinteot’s Security Readiness Review (SRR) training courses employ the DoD Security Technical Implementation Guides (STIGs) as their main course material. Cinteot provides virtual machines containing a partially secure version of the software being reviewed. The instructor-led class includes a walkthrough of each check within the relevant STIGs and class discussion as to whether the check would be considered a Finding by a DISA RCP Certified reviewer. This process enables technologists to understand and anticipate how their systems/technologies will be viewed by a reviewer performing a DISA-sanctioned CCRI, C&A, or RMF audit.

Course Content:

Collecting preliminary information to prepare for an SRR. Performing an SQL Server Database SRR and identifying vulnerabilities. Performing a Generic Database SRR and identifying vulnerabilities. Entering data into VMS and producing a report of vulnerabilities found using VMS.

The course will address current vulnerabilities, IAVM security compliance, methods of identifying them, personnel interviews, and prioritizing applicable SRRs. Students who complete this course will have the knowledge and training necessary to ensure that an SQL Server Database environment meets the minimum requirements for secure network operations via the DoD STIGs. This course will also cover the current tools used to complete the review and the manual input of the data into the Vulnerability Management System (VMS).

After completing this course, students will be able to conduct an SRR using DISA Field Security Operations SRR Procedures for verifying STIG and IAVM Compliance on SQL Server Databases.


Cinteot currently trains all SRR technologies to DISA in addition to other DoD reviewers and technologists responsible for securing DoD and DoD-contractor programs worldwide. Cinteot currently provides Cybersecurity and/or Risk Management Framework services to multiple DoD entities including the Secretary of Defense Communication Office and the U.S. Air Force’s Ground Based Strategic Deterrent (Minuteman III). Cinteot performs over 800 individual technology SRRs annually to entities DoD-wide and provides unspecified cybersecurity to the Intelligence Community.

For more information about our course offerings email us at or call us at (717) 496-9262.