STIGQter STIGQter: STIG Summary: DBN-6300 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

The DBN-6300 must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

DISA Rule

SV-91719r1_rule

Vulnerability Number

V-77023

Group Title

SRG-APP-000516-NDM-000344

Rule Version

DBNW-DM-000141

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Verify that the Public Key Certificate is installed and has been obtained from an appropriate certificate policy through an approved service provider.

Set the trusted-ca variable within the DBN-6300 through the CLI.

This value is set with the following registry entry in the CLI:

Reg set /sysconfig/tls/trustedcas EOF
(enter/paste certificate here)
EOF

Check Contents

Verify that the Public Key Certificate is installed and has been obtained from an appropriate certificate policy through an approved service provider.

Navigate to CLI and verify that there is a registry entry similar to below:

Reg set /sysconfig/tls/trustedcas EOF
(enter/paste certificate here)
EOF

If an entry is not found in the registry with the appropriate certificate, this is a finding.

Vulnerability Number

V-77023

Documentable

False

Rule Version

DBNW-DM-000141

Severity Override Guidance

Verify that the Public Key Certificate is installed and has been obtained from an appropriate certificate policy through an approved service provider.

Navigate to CLI and verify that there is a registry entry similar to below:

Reg set /sysconfig/tls/trustedcas EOF
(enter/paste certificate here)
EOF

If an entry is not found in the registry with the appropriate certificate, this is a finding.

Check Content Reference

M

Target Key

2947

Comments