STIGQter STIGQter: STIG Summary: HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 28 Jul 2017:

The storage system must implement cryptographic mechanisms to prevent unauthorized modification or disclosure of all information at rest on all storage system components.

DISA Rule

SV-85113r1_rule

Vulnerability Number

V-70491

Group Title

SRG-OS-000404-GPOS-00183

Rule Version

HP3P-32-001200

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Contact an authorized installer to enable the data-at-rest encryption feature. The data at rest encryption feature has hardware and licensing pre-requisites which must be verified by an authorized installer prior to enabling the feature.

Check Contents

Review the requirements by the Information Owner to discover whether the system stores sensitive or classified information.

If the system does not store sensitive or classified information, this is not applicable.

Verify that data at rest encryption is enabled by entering the following command:

cli% controlencryption status
Licensed | Enabled | BackupSaved | State | SeqNum | Keystore
yes | Yes | no | normal | 0 | ---

If the "Enabled" flag is not set to "Yes" as shown in the output above, this is a finding.

Vulnerability Number

V-70491

Documentable

False

Rule Version

HP3P-32-001200

Severity Override Guidance

Review the requirements by the Information Owner to discover whether the system stores sensitive or classified information.

If the system does not store sensitive or classified information, this is not applicable.

Verify that data at rest encryption is enabled by entering the following command:

cli% controlencryption status
Licensed | Enabled | BackupSaved | State | SeqNum | Keystore
yes | Yes | no | normal | 0 | ---

If the "Enabled" flag is not set to "Yes" as shown in the output above, this is a finding.

Check Content Reference

M

Target Key

3013

Comments