STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must use system clocks to generate time stamps for use in audit records and application data.

DISA Rule

SV-206537r617447_rule

Vulnerability Number

V-206537

Group Title

SRG-APP-000116

Rule Version

SRG-APP-000116-DB-000057

Severity

CAT II

CCI(s)

• CCI-000159 - The information system uses internal system clocks to generate time stamps for audit records.

Weight

10

Fix Recommendation

Deploy a DBMS that can use time stamp values obtained from or synchronized with the internal system clock used by the operating system.

Configure the DBMS to use time stamp values obtained from or synchronized with the internal system clock used by the operating system.

Check Contents

Using product documentation, verify that the DBMS uses current time stamp values obtained from or synchronized with the internal system clock used by the operating system.

If it is not able to, this is a finding.

If it is able to but is configured so that it does not do so, this is a finding.

Vulnerability Number

V-206537

Documentable

False

Rule Version

SRG-APP-000116-DB-000057

Severity Override Guidance

Using product documentation, verify that the DBMS uses current time stamp values obtained from or synchronized with the internal system clock used by the operating system.

If it is not able to, this is a finding.

If it is able to but is configured so that it does not do so, this is a finding.

Check Content Reference

M

Target Key

2902

Comments