STIGQter: STIG Summary: Microsoft Windows Server 2016 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:

Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.

DISA Rule

SV-224843r569186_rule

Vulnerability Number

V-224843

Group Title

SRG-OS-000185-GPOS-00079

Rule Version

WN16-00-000280

Severity

CAT II

CCI(s)

• CCI-001199 - The information system protects the confidentiality and/or integrity of organization-defined information at rest.
• CCI-002475 - The information system implements cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest on organization-defined information system components.
• CCI-002476 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Weight

10

Fix Recommendation

Configure systems that require additional protections due to factors such as inadequate physical protection or sensitivity of the data to employ encryption to protect the confidentiality and integrity of all information at rest.

Check Contents

Verify systems that require additional protections due to factors such as inadequate physical protection or sensitivity of the data employ encryption to protect the confidentiality and integrity of all information at rest.

If they do not, this is a finding.

Vulnerability Number

V-224843

Documentable

False

Rule Version

WN16-00-000280

Severity Override Guidance

Verify systems that require additional protections due to factors such as inadequate physical protection or sensitivity of the data employ encryption to protect the confidentiality and integrity of all information at rest.

If they do not, this is a finding.

Check Content Reference

M

Target Key

4205

Comments