STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:SV-206565r617447_rule
V-206565
SRG-APP-000220
SRG-APP-000220-DB-000149
CAT II
10
Configure DBMS settings to terminate sessions, invalidating their session identifiers, upon user logout.
Configure DBMS settings to terminate sessions, invalidating their session identifiers, upon the occurrence of any organization- or policy-defined session termination event.
Review DBMS settings and vendor documentation to verify user sessions are terminated, and session identifiers invalidated, upon user logout. If they are not, this is a finding.
Review system documentation and organization policy to identify other events that should result in session terminations.
If other session termination events are defined, review DBMS settings to verify occurrences of these events would cause session termination, invalidating the session identifiers.
If occurrences of defined session terminating events do not cause session terminations, invalidating the session identifiers, this is a finding.
V-206565
False
SRG-APP-000220-DB-000149
Review DBMS settings and vendor documentation to verify user sessions are terminated, and session identifiers invalidated, upon user logout. If they are not, this is a finding.
Review system documentation and organization policy to identify other events that should result in session terminations.
If other session termination events are defined, review DBMS settings to verify occurrences of these events would cause session termination, invalidating the session identifiers.
If occurrences of defined session terminating events do not cause session terminations, invalidating the session identifiers, this is a finding.
M
2902