STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must protect the confidentiality and integrity of all information at rest.

DISA Rule

SV-206570r617447_rule

Vulnerability Number

V-206570

Group Title

SRG-APP-000231

Rule Version

SRG-APP-000231-DB-000154

Severity

CAT II

CCI(s)

• CCI-001199 - The information system protects the confidentiality and/or integrity of organization-defined information at rest.

Weight

10

Fix Recommendation

Apply appropriate controls to protect the confidentiality and integrity of data at rest in the database.

Check Contents

If the application owner and Authorizing Official have determined that encryption of data at rest is NOT required, this is not a finding.

Review DBMS settings to determine whether controls exist to protect the confidentiality and integrity of data at rest in the database.

If controls do not exist or are not enabled, this is a finding.

Vulnerability Number

V-206570

Documentable

False

Rule Version

SRG-APP-000231-DB-000154

Severity Override Guidance

If the application owner and Authorizing Official have determined that encryption of data at rest is NOT required, this is not a finding.

Review DBMS settings to determine whether controls exist to protect the confidentiality and integrity of data at rest in the database.

If controls do not exist or are not enabled, this is a finding.

Check Content Reference

M

Target Key

2902

Comments