STIGQter: STIG Summary: MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020

MongoDB must protect the confidentiality and integrity of all information at rest.

DISA Rule

SV-96597r1_rule

Vulnerability Number

V-81883

Group Title

SRG-APP-000231-DB-000154

Rule Version

MD3X-00-000440

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Ensure that the MongoDB Configuration file (default location: /etc/mongod.conf) has the following set:

security:
  enableEncryption: "true"

Ensure that any mongod process that contains the option "--enableEncryption" has "true" as its parameter <boolean> value (e.g., "--enableEncryption true").

Stop/start (restart) any mongod process that either uses the MongoDB configuration file or was started with the "--enableEncryption" option.

Check Contents

If the MongoDB Encrypted Storage Engine is being used, ensure that the "security.enableEncryption" option is set to "true" in the MongoDB configuration file (default location: /etc/mongod.conf) or that MongoDB was started with the "--enableEncryption" command line option.

Check the MongoDB configuration file (default location: /etc/mongod.conf).

If the following parameter is not present, this is a finding.

security:
  enableEncryption: "true"

If any mongod process is started with "--enableEncryption false", this is a finding.
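
The two checks above can be scripted. The following is an added example, not part of the STIG or of MongoDB's own tooling: it reports a finding when the top-level "security:" block does not set enableEncryption to true, and when a mongod command line passes "--enableEncryption false". The function names and sample files are constructed for illustration, and accepting true with or without quotes is an assumption.

```shell
#!/bin/sh
# Added example for rule MD3X-00-000440; function names and sample data are constructed.

# Returns 0 when the top-level "security:" block sets enableEncryption to true.
conf_has_encryption() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        /^[^ \t]/ { in_sec = ($0 ~ /^security:[ \t]*(#.*)?$/); next }
        in_sec && /^[ \t]+enableEncryption:[ \t]*"?true"?[ \t]*(#.*)?$/ { ok = 1 }
        END { exit !ok }
    ' "$1"
}

# Returns 0 when any command line in $1 passes "--enableEncryption false".
cmdline_disables_encryption() {
    printf '%s\n' "$1" | grep -Eq -e '--enableEncryption[[:space:]]+false([[:space:]]|$)'
}

# Prints one line per finding; returns 1 if there is any finding, else 0.
audit_mongod() {
    rc=0
    if ! conf_has_encryption "$1"; then
        echo "FINDING: security.enableEncryption: \"true\" not set in $1"; rc=1
    fi
    if cmdline_disables_encryption "$2"; then
        echo "FINDING: mongod started with --enableEncryption false"; rc=1
    fi
    return "$rc"
}

# Constructed sample inputs so the example runs offline.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
printf 'storage:\n  dbPath: /var/lib/mongo\nsecurity:\n  authorization: enabled\n  enableEncryption: "true"\n' > "$SAMPLE_DIR/good.conf"
printf 'storage:\n  dbPath: /var/lib/mongo\n# security:\n#   enableEncryption: "true"\n' > "$SAMPLE_DIR/bad.conf"

audit_mongod "$SAMPLE_DIR/good.conf" "mongod --config /etc/mongod.conf" && echo "good.conf: not a finding"
audit_mongod "$SAMPLE_DIR/bad.conf" "mongod --dbpath /data --enableEncryption false" || echo "bad.conf: finding"
# On a live host: audit_mongod /etc/mongod.conf "$(pgrep -a mongod)"
```

A commented-out setting, or an enableEncryption key outside the "security:" block, counts as not present.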

Documentable

False

Severity Override Guidance

If the MongoDB Encrypted Storage Engine is being used, ensure that the "security.enableEncryption" option is set to "true" in the MongoDB configuration file (default location: /etc/mongod.conf) or that MongoDB was started with the "--enableEncryption" command line option.

Check the MongoDB configuration file (default location: /etc/mongod.conf).

If the following parameter is not present, this is a finding.

security:
  enableEncryption: "true"

If any mongod process is started with "--enableEncryption false", this is a finding.

Check Content Reference

M

Target Key

3265

Comments