Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-263555 | SRG-APP-000915-AS-000310 | SV-263555r981717_rule | Medium |
| Description |
|---|
| A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2024-05-28 |
Details
| Check Text ( C-67455r981715_chk ) |
|---|
| Verify the application server provides protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store. If the application server does not provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store, this is a finding. |
| Fix Text (F-67363r981716_fix) |
|---|
| Configure the application server to provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store. |