AZ-020 Microsoft Azure

Azure SQL auditing is enabled.

Azure SQL auditing is enabled.

Domain
Microsoft Azure
Area
Database (SQL)
Automated / manual
Automated

Risk if it fails

No DB audit = no detection of data access.

Without database auditing, an attacker can read or export your records and there is no log showing they ever connected, let alone what they took.

How Tess tests it

1 test — each concludes only on cited evidence.

Azure SQL auditing is enabled.

Automated
Procedure
Confirm server/database auditing policy state=Enabled.

Read-only command 

az sql server audit-policy show --resource-group <rg> --name <server> 2>/dev/null

More in Microsoft Azure

AZ-001 MFA is enforced for all users, especially privileged roles. AZ-002 Number of Global Administrators is limited (typically 2-4). AZ-003 Privileged Identity Management (PIM) provides just-in-time elevation. AZ-004 Legacy/basic authentication is blocked.

Want Tess to test AZ-020 against your evidence?

Book a demo