Checked | Name | Title |
---|---|---|
☐ | SV-89103r1_rule | DB2 must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. |
☐ | SV-89105r1_rule | DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. |
☐ | SV-89107r2_rule | DB2 must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
☐ | SV-89109r1_rule | DB2 must protect against a user falsely repudiating having performed organization-defined actions. |
☐ | SV-89111r1_rule | DB2 must provide audit record generation capability for DoD-defined auditable events within all DBMS/database components. |
☐ | SV-89113r1_rule | DB2 must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. |
☐ | SV-89115r2_rule | DB2 must generate audit records when privileges/permissions are retrieved. |
☐ | SV-89117r2_rule | DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. |
☐ | SV-89119r1_rule | DB2 must initiate session auditing upon startup. |
☐ | SV-89121r1_rule | DB2 must produce audit records containing sufficient information to establish the outcome (success or failure) of the events. |
☐ | SV-89123r1_rule | DB2 must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. |
☐ | SV-89125r1_rule | Unless it has been determined that availability is paramount, DB2 must, upon audit failure, cease all auditable activity. |
☐ | SV-89127r1_rule | The audit information produced by DB2 must be protected from unauthorized read access. |
☐ | SV-89129r1_rule | The audit information produced by DB2 must be protected from unauthorized modification. |
☐ | SV-89131r1_rule | The audit information produced by DB2 must be protected from unauthorized deletion. |
☐ | SV-89133r1_rule | DB2 must protect its audit features from unauthorized access. |
☐ | SV-89135r1_rule | DB2 must protect its audit configuration from unauthorized modification. |
☐ | SV-89137r1_rule | DB2 must protect its audit features from unauthorized removal. |
☐ | SV-89139r1_rule | DB2 must limit privileges to change software modules, to include stored procedures, functions and triggers, and links to software external to DB2. |
☐ | SV-89141r1_rule | The OS must limit privileges to change the DB2 software resident within software libraries (including privileged programs). |
☐ | SV-89143r1_rule | The DB2 software installation account must be restricted to authorized users. |
☐ | SV-89145r1_rule | Database software, including DBMS configuration files, must be stored in dedicated directories, separate from the host OS and other applications. |
☐ | SV-89147r1_rule | Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to DB2, etc.) must be owned by database/DBMS principals authorized for ownership. |
☐ | SV-89149r1_rule | The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to DB2, etc.) must be restricted to authorized users. |
☐ | SV-89151r1_rule | Default demonstration and sample databases, database objects, and applications must be removed. |
☐ | SV-89153r1_rule | Unused database components, DBMS software, and database objects must be removed. |
☐ | SV-89155r1_rule | Unused database components which are integrated in DB2 and cannot be uninstalled must be disabled. |
☐ | SV-89157r1_rule | Access to external executables must be disabled or restricted. |
☐ | SV-89159r2_rule | DB2 must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. |
☐ | SV-89161r2_rule | If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords. |
☐ | SV-89163r1_rule | Applications using the database must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. |
☐ | SV-89165r1_rule | When using command-line tools such as db2, users must use a Connect method that does not expose the password. |
☐ | SV-89167r1_rule | DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. |
☐ | SV-89169r1_rule | DB2 must separate user functionality (including user interface services) from database management functionality. |
☐ | SV-89171r1_rule | DB2 must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values. |
☐ | SV-89173r1_rule | In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. |
☐ | SV-89175r2_rule | DB2 must protect the confidentiality and integrity of all information at rest. |
☐ | SV-89177r1_rule | DB2 must isolate security functions from non-security functions. |
☐ | SV-89179r1_rule | Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy. |
☐ | SV-89181r1_rule | Access to database files must be limited to relevant processes and to authorized, administrative users. |
☐ | SV-89183r1_rule | DB2 must check the validity of all data inputs except those specifically identified by the organization. |
☐ | SV-89185r1_rule | DB2 and associated applications must reserve the use of dynamic code execution for situations that require it. |
☐ | SV-89187r1_rule | DB2 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. |
☐ | SV-89189r1_rule | DB2 must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. |
☐ | SV-89191r1_rule | DB2 must reveal detailed error messages only to the ISSO, ISSM, SA and DBA. |
☐ | SV-89193r1_rule | DB2 must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. |
☐ | SV-89235r1_rule | When supporting applications that require security labeling of data, DB2 must associate organization-defined types of security labels having organization-defined security label values with information in storage. |
☐ | SV-89237r1_rule | When supporting applications that require security labeling of data, DB2 must associate organization-defined types of security labels having organization-defined security label values with information in process. |
☐ | SV-89239r1_rule | DB2 must prevent non-privileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures. |
☐ | SV-89241r1_rule | DB2 must utilize centralized management of the content captured in audit records generated by all components of DB2. |
☐ | SV-89243r1_rule | DB2 must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. |
☐ | SV-89245r1_rule | DB2 must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity. |
☐ | SV-89247r1_rule | DB2 must provide an immediate real-time alert to appropriate support staff of all audit failure events requiring real-time alerts. |
☐ | SV-89249r1_rule | DB2 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. |
☐ | SV-89251r1_rule | DB2 must generate audit records for all direct access to the database(s). |
☐ | SV-89253r1_rule | DB2 must generate audit records when unsuccessful accesses to objects occur. |
☐ | SV-89255r1_rule | DB2 must generate audit records when successful accesses to objects occur. |
☐ | SV-89257r1_rule | DB2 must generate audit records when concurrent logons/connections by the same user from different workstations occur. |
☐ | SV-89259r1_rule | DB2 must generate audit records showing starting and ending time for user access to the database(s). |
☐ | SV-89261r1_rule | DB2 must generate audit records when unsuccessful attempts to execute privileged activities or other system-level access occur. |
☐ | SV-89263r1_rule | DB2 must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. |
☐ | SV-89265r1_rule | DB2 and the operating system must enforce access restrictions associated with changes to the configuration of DB2 or database(s). |
☐ | SV-89267r1_rule | DB2 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of DB2 or database(s). |
☐ | SV-89269r1_rule | DB2 must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance. |
☐ | SV-89271r2_rule | DB2 must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. |
☐ | SV-89273r1_rule | DB2 must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions. |
☐ | SV-89275r1_rule | DB2 must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components. |
☐ | SV-89277r1_rule | DB2 must implement and/or support cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components. |
☐ | SV-89279r2_rule | DB2 must maintain the confidentiality and integrity of information during preparation for transmission. |
☐ | SV-89281r2_rule | DB2 must maintain the confidentiality and integrity of information during reception. |
☐ | SV-89283r1_rule | When invalid inputs are received, DB2 must behave in a predictable and documented manner that reflects organizational and system objectives. |
☐ | SV-89285r1_rule | Security-relevant software updates to DB2 must be installed within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs). |
☐ | SV-89287r1_rule | DB2 must generate audit records when security objects are accessed. |
☐ | SV-89289r1_rule | DB2 must generate audit records when unsuccessful attempts to access security objects occur. |
☐ | SV-89291r1_rule | DB2 must generate audit records when categorized information (e.g., classification levels/security levels) is accessed. |
☐ | SV-89293r1_rule | DB2 must generate audit records when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. |
☐ | SV-89295r1_rule | DB2 must generate audit records when privileges/permissions are added. |
☐ | SV-89297r1_rule | DB2 must generate audit records when unsuccessful attempts to add privileges/permissions occur. |
☐ | SV-89299r1_rule | DB2 must generate audit records when privileges/permissions are modified. |
☐ | SV-89301r1_rule | DB2 must generate audit records when unsuccessful attempts to modify privileges/permissions occur. |
☐ | SV-89303r1_rule | DB2 must generate audit records when security objects are modified. |
☐ | SV-89305r1_rule | DB2 must generate audit records when unsuccessful attempts to modify security objects occur. |
☐ | SV-89307r1_rule | DB2 must generate audit records when categorized information (e.g., classification levels/security levels) is modified. |
☐ | SV-89309r1_rule | DB2 must generate audit records when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. |
☐ | SV-89311r1_rule | DB2 must generate audit records when privileges/permissions are deleted. |
☐ | SV-89313r1_rule | DB2 must generate audit records when unsuccessful attempts to delete privileges/permissions occur. |
☐ | SV-89315r1_rule | DB2 must generate audit records when security objects are deleted. |
☐ | SV-89317r1_rule | DB2 must generate audit records for all privileged activities or other system-level access. |
☐ | SV-89319r1_rule | DB2 must generate audit records when unsuccessful logons or connection attempts occur. |
☐ | SV-89321r1_rule | DB2 must generate audit records when successful logons or connections occur. |
☐ | SV-89323r1_rule | DB2 must generate audit records when unsuccessful attempts to delete security objects occur. |
☐ | SV-89325r1_rule | DB2 must generate audit records when categorized information (e.g., classification levels/security levels) is deleted. |
☐ | SV-89327r1_rule | DB2 must generate audit records when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. |