UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DBMS must be able to function within separate processing domains (virtualized systems), when specified, to enable finer-grained allocation of user privileges.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32247 SRG-APP-000064-DB-000085 SV-42564r1_rule Low
Description
Applications must employ the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions. Employing virtualization techniques to allow greater privilege within a virtual machine, while restricting privilege to the underlying actual machine is an example of providing separate processing domains for finer-grained allocation of user privileges. Utilizing virtualization for databases is a common practice due to the ability to maintain several databases on their own distinct operating system but on shared hardware. This allows more efficient usage of resources while eliminating unwanted conflicts and interaction between disparate databases.
STIG Date
Database Security Requirements Guide 2012-07-02

Details

Check Text ( C-40756r2_chk )
Review system documentation to determine whether virtualization is required for the database. If virtualization is not required, this is NA.

Review DBMS vendor documentation to verify the DBMS is capable of working within a virtualized environment. If DBMS is not capable of working in a virtualized environment, this is a finding.
Fix Text (F-36171r1_fix)
Utilize a DBMS that is able to operate in a virtualized environment.