STIGQter: STIG Summary: Database Security Requirements Guide, Version: 3, Release: 1, Benchmark Date: 22 Jan 2021

The DBMS must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

DISA Rule

SV-206605r617447_rule

Vulnerability Number

V-206605

Group Title

SRG-APP-000429

Rule Version

SRG-APP-000429-DB-000387

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the DBMS, operating system/file system, and additional software as relevant, to provide the required level of cryptographic protection for information requiring cryptographic protection against disclosure.

Secure the premises, equipment, and media to provide the required level of physical protection.

Check Contents

Review the system documentation to determine whether the organization has defined the information at rest that is to be protected from disclosure, which must include, at a minimum, PII and classified information.

If the documentation indicates no information requires such protections, this is not a finding.

Review the configuration of the DBMS, operating system/file system, and additional software as relevant.

If any of the information defined as requiring protection is not encrypted in a manner that provides the required level of protection and is not physically secured to the required level, this is a finding.

Documentable

False

Severity Override Guidance

Review the system documentation to determine whether the organization has defined the information at rest that is to be protected from disclosure, which must include, at a minimum, PII and classified information.

If the documentation indicates no information requires such protections, this is not a finding.

Review the configuration of the DBMS, operating system/file system, and additional software as relevant.

If any of the information defined as requiring protection is not encrypted in a manner that provides the required level of protection and is not physically secured to the required level, this is a finding.

Check Content Reference

M

Target Key

2902