STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must associate organization-defined types of security labels having organization-defined security label values with information in transmission.

DISA Rule

SV-206584r617447_rule

Vulnerability Number

V-206584

Group Title

SRG-APP-000314

Rule Version

SRG-APP-000314-DB-000310

Severity

CAT II

CCI(s)

• CCI-002264 - The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission.

Weight

10

Fix Recommendation

Enable DBMS features, deploy third-party software, or add custom data structures, data elements and application code, to provide reliable security labeling of information in transmission.

Check Contents

If security labeling is not required, this is not a finding.

If security labeling requirements have been specified, but the security labeling is not implemented or does not reliably maintain labels on information in transmission, this is a finding.

Vulnerability Number

V-206584

Documentable

False

Rule Version

SRG-APP-000314-DB-000310

Severity Override Guidance

If security labeling is not required, this is not a finding.

If security labeling requirements have been specified, but the security labeling is not implemented or does not reliably maintain labels on information in transmission, this is a finding.

Check Content Reference

M

Target Key

2902

Comments