STIGQter STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must generate time stamps, for audit records and application data, with a minimum granularity of one second.

DISA Rule

SV-206595r617447_rule

Vulnerability Number

V-206595

Group Title

SRG-APP-000375

Rule Version

SRG-APP-000375-DB-000323

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Deploy a DBMS that can generate and record time stamps with a granularity of one second or finer.

Configure auditing so that the time stamps are recorded to a precision of one second or finer.

Modify applications and/or column/field definitions so that the time stamps in audit trail columns/fields in application data are recorded to a precision of one second or finer.

Check Contents

Review product documentation to verify that the DBMS can generate time stamps with a granularity of one second or finer. If it cannot, this is a finding.

Review audit log records produced by the DBMS for confirmation that time stamps are recorded to a precision of one second or finer. If not, this is a finding.

Review time stamp values in audit trail columns/fields in application data in the database. If the time stamps are not recorded to a precision of one second or finer, this is a finding.

Vulnerability Number

V-206595

Documentable

False

Rule Version

SRG-APP-000375-DB-000323

Severity Override Guidance

Review product documentation to verify that the DBMS can generate time stamps with a granularity of one second or finer. If it cannot, this is a finding.

Review audit log records produced by the DBMS for confirmation that time stamps are recorded to a precision of one second or finer. If not, this is a finding.

Review time stamp values in audit trail columns/fields in application data in the database. If the time stamps are not recorded to a precision of one second or finer, this is a finding.

Check Content Reference

M

Target Key

2902

Comments