STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must isolate security functions from non-security functions.

DISA Rule

SV-206571r617447_rule

Vulnerability Number

V-206571

Group Title

SRG-APP-000233

Rule Version

SRG-APP-000233-DB-000124

Severity

CAT II

CCI(s)

• CCI-001084 - The information system isolates security functions from nonsecurity functions.

Weight

10

Fix Recommendation

Locate security-related database objects and code in a separate database, schema, or other separate security domain from database objects and code implementing application logic.

Check Contents

Check DBMS settings to determine whether objects or code implementing security functionality are located in a separate security domain, such as a separate database or schema created specifically for security functionality.

If security-related database objects or code are not kept separate, this is a finding.

Vulnerability Number

V-206571

Documentable

False

Rule Version

SRG-APP-000233-DB-000124

Severity Override Guidance

Check DBMS settings to determine whether objects or code implementing security functionality are located in a separate security domain, such as a separate database or schema created specifically for security functionality.

If security-related database objects or code are not kept separate, this is a finding.

Check Content Reference

M

Target Key

2902

Comments