STIGQter STIGQter: STIG Summary: DBN-6300 IDPS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017: To protect against unauthorized data mining, the DBN-6300 must detect SQL code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.

DISA Rule

SV-79499r1_rule

Vulnerability Number

V-65009

Group Title

SRG-NET-000319-IDPS-00184

Rule Version

DBNW-IP-000035

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the DBN-6300 to detect code injection attacks.

Navigate to Application >> Time Learning.

Validate that the database or databases of interest has the "state" shield set to green (in detection mode).

If the "state" shield is not set to green:

1) Create a learned set (or new learned set) by clicking on the caret to the left of the database name;
2) Click on the "+" to the left of the "Time Periods" label;
3) Accept the default time period or enter the desired time period for the Learned Set; and
4) Click on "Commit Learning". This may take a small amount of time and will finish when the "Learned State" shows "Passed" and the "state" shield turns to green. Now the database is in protection mode for SQL injection attack.

Check Contents

Verify that the DBN-6300 is configured to detect code injection attacks.

Navigate to Application >> Time Learning.

Validate that the database or databases of interest has/have the "state" shield set to green (in detection mode).

If the "state" shield is not set to green, this is a finding (as the database or databases are not in detection mode).

Vulnerability Number

V-65009

Documentable

False

Rule Version

DBNW-IP-000035

Severity Override Guidance

Verify that the DBN-6300 is configured to detect code injection attacks.

Navigate to Application >> Time Learning.

Validate that the database or databases of interest has/have the "state" shield set to green (in detection mode).

If the "state" shield is not set to green, this is a finding (as the database or databases are not in detection mode).

Check Content Reference

M

Target Key

2949

Comments