STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The Cassandra Server must implement cryptographic mechanisms preventing the unauthorized disclosure of information at rest.

DISA Rule

SV-87319r1_rule

Vulnerability Number

V-72687

Group Title

SRG-APP-000429-DB-000387

Rule Version

VROM-CS-002125

Severity

CAT I

CCI(s)

• CCI-002476 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Weight

10

Fix Recommendation

Configure the Cassandra Server to implement cryptographic mechanisms preventing the unauthorized disclosure of information at rest.

Implement full disk encryption such as VMcrypt or other third-party full disk encryption that uses FIPS 140-2 validated cryptography.

Check Contents

Review the Cassandra Server to ensure cryptographic mechanisms are implemented preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Inspect the server configuration to ensure a full disk encryption solution has been implemented. If the disk is unencrypted, this is a finding.

Vulnerability Number

V-72687

Documentable

False

Rule Version

VROM-CS-002125

Severity Override Guidance

Review the Cassandra Server to ensure cryptographic mechanisms are implemented preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Inspect the server configuration to ensure a full disk encryption solution has been implemented. If the disk is unencrypted, this is a finding.

Check Content Reference

M

Target Key

3179

Comments