STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017: STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:SV-87289r1_rule
V-72657
SRG-APP-000148-DB-000103
VROM-CS-000130
CAT I
10
Configure the Cassandra Server to uniquely identify and authenticate all organizational users who log on/connect to the system.
Create identity-based account for all the users accessing database (CREATE USER IF NOT EXISTS <identity based username> WITH PASSWORD <password>)
Build/configure applications to ensure successful individual authentication prior to shared account access.
Review the Cassandra Server configuration to ensure organizational users are uniquely identified and authenticated when logging on/connecting to the system.
Open "cqlsh" prompt in the Cassandra Server and type in "LIST USERS;" command. Review the list of accounts available against product documentation and determine if any shared accounts exist.
If accounts are determined to be shared, determine if individuals are first individually authenticated.
If individuals are not individually authenticated before using the shared account, this is a finding.
V-72657
False
VROM-CS-000130
Review the Cassandra Server configuration to ensure organizational users are uniquely identified and authenticated when logging on/connecting to the system.
Open "cqlsh" prompt in the Cassandra Server and type in "LIST USERS;" command. Review the list of accounts available against product documentation and determine if any shared accounts exist.
If accounts are determined to be shared, determine if individuals are first individually authenticated.
If individuals are not individually authenticated before using the shared account, this is a finding.
M
3179