STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must maintain the confidentiality and integrity of information during reception.

DISA Rule

SV-206608r617447_rule

Vulnerability Number

V-206608

Group Title

SRG-APP-000442

Rule Version

SRG-APP-000442-DB-000379

Severity

CAT II

CCI(s)

• CCI-002422 - The information system maintains the confidentiality and/or integrity of information during reception.

Weight

10

Fix Recommendation

Implement protective measures against unauthorized disclosure and modification during reception.

Check Contents

If the data owner does not have a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process, this is not a finding.

If the DBMS, associated applications, and infrastructure do not employ protective measures against unauthorized disclosure and modification during reception, this is a finding.

Vulnerability Number

V-206608

Documentable

False

Rule Version

SRG-APP-000442-DB-000379

Severity Override Guidance

If the data owner does not have a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process, this is not a finding.

If the DBMS, associated applications, and infrastructure do not employ protective measures against unauthorized disclosure and modification during reception, this is a finding.

Check Content Reference

M

Target Key

2902

Comments