Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The DBMS must protect audit data records and integrity by using cryptographic mechanisms.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32402 | SRG-APP-000126-DB-000171 | SV-42739r1_rule | Medium |
| Description |
|---|
| Protection of audit records and audit data is of critical importance. Cryptographic mechanisms are the industry established standard used to protect the integrity of audit data. An example of a cryptographic mechanism is the computation and application of a cryptographic-signed hash using asymmetric cryptography. Non-repudiation protects individuals against later claims by an author of not having performed a particular action, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document. |
| STIG | Date |
|---|---|
| Database Security Requirements Guide | 2012-07-02 |
Details
| Check Text ( C-40844r1_chk ) |
|---|
| Review DBMS settings to determine whether the DBMS is using cryptographic mechanisms to protect audit data records and integrity. If cryptographic mechanisms are not used, this is a finding. |
| Fix Text (F-36317r1_fix) |
|---|
| DBMS should use cryptographic mechanisms to protect audit data records and integrity. |