STIGQter STIGQter: STIG Summary: Database Security Requirements Guide Version: 2 Release: 9 Benchmark Date: 25 Oct 2019: The DBMS must generate audit records when unsuccessful attempts to add privileges/permissions occur.

DISA Rule

SV-72503r2_rule

Vulnerability Number

V-58073

Group Title

SRG-APP-000495-DB-000327

Rule Version

SRG-APP-000495-DB-000327

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Deploy a DBMS capable of producing the required audit records when it denies or fails to complete attempts to add privileges/permissions/role membership.

Configure the DBMS to produce audit records when it denies attempts to add privileges/permissions/role membership.

Configure the DBMS to produce audit records when other errors prevent attempts to add privileges/permissions/role membership.

Check Contents

Review DBMS documentation to verify that audit records can be produced when the system denies or fails to complete attempts to add privileges/permissions/role membership.

If the DBMS is not capable of this, this is a finding.

Review the DBMS/database security and audit configurations to verify that audit records are produced when the DBMS denies the addition of privileges/permissions/role membership.

If they are not produced, this is a finding.

Review the DBMS/database security and audit configurations to verify that audit records are produced when other errors prevent the addition of privileges/permissions/role membership.

If they are not produced, this is a finding.

Vulnerability Number

V-58073

Documentable

False

Rule Version

SRG-APP-000495-DB-000327

Severity Override Guidance

Review DBMS documentation to verify that audit records can be produced when the system denies or fails to complete attempts to add privileges/permissions/role membership.

If the DBMS is not capable of this, this is a finding.

Review the DBMS/database security and audit configurations to verify that audit records are produced when the DBMS denies the addition of privileges/permissions/role membership.

If they are not produced, this is a finding.

Review the DBMS/database security and audit configurations to verify that audit records are produced when other errors prevent the addition of privileges/permissions/role membership.

If they are not produced, this is a finding.

Check Content Reference

M

Target Key

2219

Comments