STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 25 Oct 2019: Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur.

DISA Rule

SV-83661r2_rule

Vulnerability Number

V-69057

Group Title

SRG-APP-000502-DB-000349

Rule Version

PPS9-00-011700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Execute the following SQL as enterprisedb:

ALTER SYSTEM SET edb_audit_statement = 'all';
SELECT pg_reload_conf();

or

Update the system documentation to note the organizationally approved setting and corresponding justification of the setting for this requirement.

Check Contents

Review the system documentation to determine whether it is required to track categorized information, such as classification or sensitivity level. If it is not, this is not applicable (NA).

Execute the following SQL as enterprisedb:

SHOW edb_audit_statement;

If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding.

Vulnerability Number

V-69057

Documentable

False

Rule Version

PPS9-00-011700

Severity Override Guidance

Review the system documentation to determine whether it is required to track categorized information, such as classification or sensitivity level. If it is not, this is not applicable (NA).

Execute the following SQL as enterprisedb:

SHOW edb_audit_statement;

If the result is not "all" or if the current setting for this requirement has not been noted and approved by the organization in the system documentation, this is a finding.

Check Content Reference

M

Target Key

2933

Comments