STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.

DISA Rule

SV-206599r617447_rule

Vulnerability Number

V-206599

Group Title

SRG-APP-000383

Rule Version

SRG-APP-000383-DB-000364

Severity

CAT II

CCI(s)

CCI-001762 - The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure.

Weight

Fix Recommendation

Deploy a DBMS capable of disabling a network function, port, protocol, or service prohibited by the PPSM guidance.

Disable each prohibited network function, port, protocol, or service.

Check Contents

Review the network functions, ports, protocols, and services supported by the DBMS.

If any protocol is prohibited by the PPSM guidance and is enabled, this is a finding.

Vulnerability Number

V-206599

Documentable

False

Rule Version

SRG-APP-000383-DB-000364

Severity Override Guidance

Review the network functions, ports, protocols, and services supported by the DBMS.

If any protocol is prohibited by the PPSM guidance and is enabled, this is a finding.

Check Content Reference

Target Key

2902

The DBMS must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments