STIGQter STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components.

DISA Rule

SV-206604r617447_rule

Vulnerability Number

V-206604

Group Title

SRG-APP-000428

Rule Version

SRG-APP-000428-DB-000386

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the DBMS, operating system/file system, and additional software as relevant, to provide the required level of cryptographic protection.

Check Contents

Review the system documentation to determine whether the organization has defined the information at rest that is to be protected from modification, which must include, at a minimum, PII and classified information.

If no information is identified as requiring such protection, this is not a finding.

Review the configuration of the DBMS, operating system/file system, and additional software as relevant.

If any of the information defined as requiring cryptographic protection from modification is not encrypted in a manner that provides the required level of protection, this is a finding.

Vulnerability Number

V-206604

Documentable

False

Rule Version

SRG-APP-000428-DB-000386

Severity Override Guidance

Review the system documentation to determine whether the organization has defined the information at rest that is to be protected from modification, which must include, at a minimum, PII and classified information.

If no information is identified as requiring such protection, this is not a finding.

Review the configuration of the DBMS, operating system/file system, and additional software as relevant.

If any of the information defined as requiring cryptographic protection from modification is not encrypted in a manner that provides the required level of protection, this is a finding.

Check Content Reference

M

Target Key

2902

Comments