STIGQter: STIG Summary: Database Security Requirements Guide Version: 2 Release: 9 Benchmark Date: 25 Oct 2019: The DBMS must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements.DISA Rule
SV-72593r1_rule
Vulnerability Number
V-58163
Group Title
SRG-APP-000514-DB-000383
Rule Version
SRG-APP-000514-DB-000383
Severity
CAT II
CCI(s)
- CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
Weight
10
Fix Recommendation
Implement NIST FIPS 140-2 validated cryptographic modules to provide cryptographic protection for the unclassified information that requires it.
Check Contents
If the DBMS contains, or is intended to contain, unclassified information requiring confidentiality and cryptographic protection, and does not employ NIST FIPS 140-2 validated cryptographic modules to provide this protection, this is a finding.
Vulnerability Number
V-58163
Documentable
False
Rule Version
SRG-APP-000514-DB-000383
Severity Override Guidance
If the DBMS contains, or is intended to contain, unclassified information requiring confidentiality and cryptographic protection, and does not employ NIST FIPS 140-2 validated cryptographic modules to provide this protection, this is a finding.
Check Content Reference
M
Target Key
2219
Comments