STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must associate organization-defined types of security labels having organization-defined security label values with information in process.

DISA Rule

SV-206583r617447_rule

Vulnerability Number

V-206583

Group Title

SRG-APP-000313

Rule Version

SRG-APP-000313-DB-000309

Severity

CAT II

CCI(s)

• CCI-002263 - The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in process.

Weight

10

Fix Recommendation

Enable DBMS features, deploy third-party software, or add custom data structures, data elements and application code, to provide reliable security labeling of information in process.

Check Contents

If security labeling is not required, this is not a finding.

If security labeling requirements have been specified, but the security labeling is not implemented or does not reliably maintain labels on information in process, this is a finding.

Vulnerability Number

V-206583

Documentable

False

Rule Version

SRG-APP-000313-DB-000309

Severity Override Guidance

If security labeling is not required, this is not a finding.

If security labeling requirements have been specified, but the security labeling is not implemented or does not reliably maintain labels on information in process, this is a finding.

Check Content Reference

M

Target Key

2902

Comments