
The DBMS must notify users of organization defined security related changes to the user's account occurring during the organization defined time period.


Overview

Finding ID: V-32346
Version: SRG-APP-000079-DB-000182
Rule ID: SV-42683r1_rule
IA Controls: none listed
Severity: Medium
Description
Some organizations may define certain security events as events requiring user notification. An organization may define an event, such as a password change to a user's account occurring outside of normal business hours, as a security related event requiring that the application user be notified. In those instances, where organizations define such events, the application must notify the affected user or users. Unauthorized access to DBMS accounts may go undetected if account access is not monitored. Authorized users may serve as a reliable party to report unauthorized use of their account.
STIG: Database Security Requirements Guide
Date: 2012-07-02

Details

Check Text (C-40794r1_chk)
Review system documentation to identify security related changes the organization has defined as requiring notification. Review DBMS settings, including triggers and custom jobs, to determine if organization defined security related changes during an organization defined time period would trigger a user notification. If organization defined security related changes do not trigger a notification to the user, this is a finding.
Fix Text (F-36260r1_fix)
Utilize DBMS functionality or third party tools to alert users when organization defined security related changes to the user’s account occur during an organization defined time period.
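
An added example, not part of the SRG or of any DBMS product: a sketch of the selection logic a custom notification job of the kind named in the check text could run over audit records. The event names, the 18:00-06:00 window, the AuditEvent fields and the sample rows are assumptions standing in for the organization defined values.

```python
from dataclasses import dataclass
from datetime import datetime, time

# Assumed organization-defined policy; the SRG leaves both values to the organization.
NOTIFY_EVENTS = {"PASSWORD_CHANGE", "ROLE_GRANT", "ACCOUNT_UNLOCK"}
WINDOW_START, WINDOW_END = time(18, 0), time(6, 0)  # 18:00-06:00, wraps midnight

@dataclass(frozen=True)
class AuditEvent:
    when: datetime   # time of the change, in the organization's local time
    account: str     # account that was changed (the user to notify)
    actor: str       # principal that made the change
    event: str       # event type as recorded in the audit trail

def in_window(t, start=WINDOW_START, end=WINDOW_END):
    """True if t is in [start, end); handles a window that wraps past midnight."""
    if start <= end:
        return start <= t < end
    return t >= start or t < end

def pending_notifications(events, already_sent):
    """Return (account, message) pairs for qualifying events not yet notified.

    already_sent is a set of event keys that is updated in place, so a job that
    re-reads the same audit rows on its next run does not notify twice.
    """
    notices = []
    for ev in events:
        key = (ev.when, ev.account, ev.event)
        if ev.event not in NOTIFY_EVENTS or not in_window(ev.when.time()):
            continue  # not a defined event, or outside the defined time period
        if key in already_sent:
            continue  # this change was already reported to the user
        already_sent.add(key)
        notices.append((ev.account,
                        f"{ev.event} on account {ev.account} by {ev.actor} "
                        f"at {ev.when:%Y-%m-%d %H:%M}"))
    return notices

# Constructed sample audit rows (not from any real system).
SAMPLE = [
    AuditEvent(datetime(2012, 7, 2, 23, 15), "jsmith", "dba_ops", "PASSWORD_CHANGE"),
    AuditEvent(datetime(2012, 7, 3, 10, 30), "jsmith", "jsmith", "PASSWORD_CHANGE"),
    AuditEvent(datetime(2012, 7, 3, 2, 5), "alee", "dba_ops", "ROLE_GRANT"),
    AuditEvent(datetime(2012, 7, 3, 3, 0), "alee", "alee", "LOGIN"),
]
```

Reading the DBMS's actual audit trail and delivering the message to the user are left to the deployment; a reviewer applying the check text would confirm both exist and that the event list and window match the system documentation.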