UCF STIG Viewer Logo

The DBMS must protect audit data records and integrity by using cryptographic mechanisms.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32402 SRG-APP-000126-DB-000171 SV-42739r1_rule Medium
Description
Protection of audit records and audit data is of critical importance. Cryptographic mechanisms are the industry established standard used to protect the integrity of audit data. An example of a cryptographic mechanism is the computation and application of a cryptographic-signed hash using asymmetric cryptography. Non-repudiation protects individuals against later claims by an author of not having performed a particular action, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document.
STIG Date
Database Security Requirements Guide 2012-07-02

Details

Check Text ( C-40844r1_chk )
Review DBMS settings to determine whether the DBMS is using cryptographic mechanisms to protect audit data records and integrity. If cryptographic mechanisms are not used, this is a finding.
Fix Text (F-36317r1_fix)
DBMS should use cryptographic mechanisms to protect audit data records and integrity.