STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

Default demonstration and sample databases, database objects, and applications must be removed.

DISA Rule

SV-206549r617447_rule

Vulnerability Number

V-206549

Group Title

SRG-APP-000141

Rule Version

SRG-APP-000141-DB-000090

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Remove any demonstration and sample databases, database applications, objects, and files from the DBMS.

Check Contents

Review vendor documentation and vendor websites to identify vendor-provided demonstration or sample databases, database applications, objects, and files.

Review the DBMS to determine if any of the demonstration and sample databases, database applications, or files are installed in the database or are included with the DBMS application.

If any are present in the database or are included with the DBMS application, this is a finding.

Vulnerability Number

V-206549

Documentable

False

Rule Version

SRG-APP-000141-DB-000090

Severity Override Guidance

Review vendor documentation and vendor websites to identify vendor-provided demonstration or sample databases, database applications, objects, and files.

Review the DBMS to determine if any of the demonstration and sample databases, database applications, or files are installed in the database or are included with the DBMS application.

If any are present in the database or are included with the DBMS application, this is a finding.

Check Content Reference

M

Target Key

2902

Comments