STIGQter STIGQter: STIG Summary:

VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide

Version: 1

Release: 1 Benchmark Date: 28 Sep 2018

CheckedNameTitle
SV-99977r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-99979r1_ruleThe vRA PostgreSQL configuration file must not be accessible by unauthorized users.
SV-99981r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-99983r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-99985r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-99987r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-99989r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-99991r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-99993r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-99995r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-99997r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-99999r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-100001r1_rulevRA PostgreSQL database must have log_truncate_on_rotation enabled.
SV-100003r1_ruleThe vRA PostgreSQL database must have the correct permissions on the log files.
SV-100005r1_ruleThe vRA PostgreSQL database must have the correct ownership on the log files.
SV-100007r1_ruleThe vRA PostgreSQL database must have the correct group-ownership on the log files.
SV-100009r1_ruleThe vRA PostgreSQL configuration files must have the correct permissions.
SV-100011r1_ruleThe vRA PostgreSQL configuration files must have the correct ownership.
SV-100013r1_ruleThe vRA PostgreSQL configuration files must have the correct group-ownership.
SV-100015r1_rulevRA PostgreSQL database objects must only be accessible to the postgres account.
SV-100017r1_ruleThe vRA PostgreSQL database must limit modify privileges to authorized accounts.
SV-100019r1_ruleThe vRA PostgreSQL database must not contain sample data.
SV-100021r1_ruleThe vRA PostgreSQL database must be limited to authorized accounts.
SV-100023r1_ruleThe vRA PostgreSQL database must use md5 for authentication.
SV-100025r1_ruleThe vRA PostgreSQL database must be configured to use ssl.
SV-100027r1_ruleThe vRA PostgreSQL database must complete writing log entries prior to returning results.
SV-100029r1_ruleThe vRA PostgreSQL must not allow access to unauthorized accounts.
SV-100031r1_ruleData from the vRA PostgreSQL database must be protected from unauthorized transfer.
SV-100033r1_ruleThe vRA PostgreSQL error file must be protected from unauthorized access.
SV-100035r1_ruleThe vRA PostgreSQL database must have log collection enabled.
SV-100037r1_ruleThe vRA PostgreSQL database must be configured to use a syslog facility.
SV-100039r1_ruleThe vRA PostgreSQL database must be configured to use a syslog facility.
SV-100041r1_ruleThe vRA PostgreSQL database must use UTC for log timestamps.
SV-100043r1_rulevRA PostgreSQL database log file data must contain required data elements.
SV-100045r1_ruleThe DBMS must enforce access restrictions associated with changes to the configuration of the DBMS or database(s).
SV-100047r1_rulevRA PostgreSQL database must be configured to validate character encoding to UTF-8.
SV-100049r1_ruleThe vRA PostgreSQL database security updates and patches must be installed in a timely manner in accordance with site policy.
SV-100051r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100053r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100055r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100057r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100059r1_ruleThe DBMS must generate audit records when privileges/permissions are modified.
SV-100061r1_ruleThe DBMS must generate audit records when unsuccessful attempts to modify privileges/permissions occur.
SV-100063r1_ruleThe DBMS must generate audit records when security objects are modified.
SV-100065r1_ruleThe DBMS must generate audit records when unsuccessful attempts to modify security objects occur.
SV-100067r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100069r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100071r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100073r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100075r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100077r1_ruleThe vRA PostgreSQL database must set log_connections to on.
SV-100079r1_ruleThe vRA PostgreSQL database must set the log_min_messages to warning.
SV-100081r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100083r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100085r1_ruleThe vRA PostgreSQL database must set log_connections to on.
SV-100087r1_ruleThe vRA PostgreSQL database must set log_connections to on.
SV-100089r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100091r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100093r1_ruleThe vRA PostgreSQL database must set the log_statement to all.
SV-100095r1_ruleThe vRA PostgreSQL database must use FIPS 140-2 ciphers.
SV-100097r1_ruleThe vRA PostgreSQL database must use FIPS 140-2 ciphers.
SV-100099r1_ruleThe vRA PostgreSQL database must use FIPS 140-2 ciphers.
SV-100101r1_ruleThe vRA PostgreSQL database must be configured to use a syslog facility.
SV-100103r1_rulevRA PostgreSQL must have the latest approved security-relevant software updates installed.
SV-100105r1_ruleThe DBMS must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.
SV-100107r1_rulevRA Postgres must be configured to use the correct port.
SV-100109r1_ruleThe vRA PostgreSQL database must have log collection enabled.
SV-100111r1_rulevRA Postgres must be configured to use the correct port.
SV-100113r1_rulevRA PostgreSQL must limit the number of connections.