STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021

The DBMS must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.

DISA Rule

SV-206520r617447_rule

Vulnerability Number

V-206520

Group Title

SRG-APP-000023

Rule Version

SRG-APP-000023-DB-000001

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Integrate DBMS security with an organization-level authentication/access mechanism providing account management for all users, groups, roles, and any other principals.

For each DBMS-managed account that is not documented and approved, either transfer it to management by the external mechanism, or document the need for it and obtain approval, as appropriate.

Check Contents

If all accounts are authenticated by the organization-level authentication/access mechanism and not by the DBMS, this is not a finding.

If there are any accounts managed by the DBMS, review the system documentation for justification and approval of these accounts.

If any DBMS-managed accounts exist that are not documented and approved, this is a finding.
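
The three check statements above amount to comparing the account inventory against the approval records. The following is an added example, not part of the SRG or of STIGQter: the account names, the `auth_source` field and the approval-record layout are assumptions, and the inventory is constructed sample data standing in for an export from the DBMS catalog.

```python
from dataclasses import dataclass

EXTERNAL = "external"  # authenticated by the organization-level mechanism
DBMS = "dbms"          # authenticated and managed by the DBMS itself


@dataclass(frozen=True)
class Account:
    name: str
    auth_source: str   # EXTERNAL or DBMS (assumed field, not from the SRG)


@dataclass(frozen=True)
class Approval:
    documented: bool   # need for the account is recorded in system documentation
    approved: bool     # approval has been obtained


def evaluate(accounts, approvals):
    """Return (status, offending account names) for the check above."""
    # Fail closed: anything not positively identified as externally
    # authenticated is treated as DBMS-managed and must be justified.
    local = [a for a in accounts if a.auth_source != EXTERNAL]
    if not local:
        return ("not_a_finding", [])
    # Exact name match on purpose: folding case could let one approval
    # cover two distinct accounts on a case-sensitive DBMS.
    offending = sorted(
        a.name for a in local
        if not (a.name in approvals
                and approvals[a.name].documented
                and approvals[a.name].approved)
    )
    return ("finding", offending) if offending else ("not_a_finding", [])


# Constructed sample inventory and approval records (illustrative only).
INVENTORY = [
    Account("CORP\\alice", EXTERNAL),
    Account("CORP\\dba_group", EXTERNAL),
    Account("breakglass_admin", DBMS),  # documented and approved
    Account("legacy_etl", DBMS),        # documented, approval never obtained
    Account("report_svc", "unknown"),   # auth source not determined
]
APPROVALS = {
    "breakglass_admin": Approval(documented=True, approved=True),
    "legacy_etl": Approval(documented=True, approved=False),
}

if __name__ == "__main__":
    print(evaluate(INVENTORY, APPROVALS))
```

Each account in the returned list needs one of the two actions in the Fix Recommendation: transfer it to the external mechanism, or document the need for it and obtain approval.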

Documentable

False

Severity Override Guidance

If all accounts are authenticated by the organization-level authentication/access mechanism and not by the DBMS, this is not a finding.

If there are any accounts managed by the DBMS, review the system documentation for justification and approval of these accounts.

If any DBMS-managed accounts exist that are not documented and approved, this is a finding.

Check Content Reference

M

Target Key

2902
