STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes.

DISA Rule

SV-206640r617447_rule

Vulnerability Number

V-206640

Group Title

SRG-APP-000514

Rule Version

SRG-APP-000514-DB-000382

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Implement a NIST FIPS 140-2 validated cryptographic module in the DBMS for generation and verification of cryptographic hashes.

Check Contents

If the DBMS does not employ NIST FIPS 140-2 validated cryptographic modules to generate and verify cryptographic hashes, this is a finding.

Vulnerability Number

V-206640

Documentable

False

Rule Version

SRG-APP-000514-DB-000382

Severity Override Guidance

If the DBMS does not employ NIST FIPS 140-2 validated cryptographic modules to generate and verify cryptographic hashes, this is a finding.

Check Content Reference

M

Target Key

2902

Comments