The DBMS must automatically implement organization defined safeguards and countermeasures if security functions (or mechanisms) are changed inappropriately.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32416	SRG-APP-000134-DB-000178	SV-42753r1_rule		Medium

Description
Any changes to the application components of the information system can potentially have significant effects on the overall security of the system. Accordingly, only qualified and authorized individuals shall be allowed to obtain access to the application components for purposes of initiating changes, including upgrades and modifications. In order to ensure a prompt response to unauthorized changes to application security functions or security mechanisms, organizations may define countermeasures and safeguards that monitoring applications must undertake in the event these types of changes occur. This degree of functionality is typically built into a support architecture providing change management and/or system monitoring capabilities. Automatic implementation of safeguards and countermeasures includes: reversing the change; halting the system; or triggering an audit alert when an unauthorized modification to a critical security file or process occurs. If countermeasures and safeguards are not present to monitor and react to changes to security mechanisms unauthorized changes could go unnoticed and an attacker could gain and retain access to the DBMS or the databases it serves.

Description

Any changes to the application components of the information system can potentially have significant effects on the overall security of the system. Accordingly, only qualified and authorized individuals shall be allowed to obtain access to the application components for purposes of initiating changes, including upgrades and modifications. In order to ensure a prompt response to unauthorized changes to application security functions or security mechanisms, organizations may define countermeasures and safeguards that monitoring applications must undertake in the event these types of changes occur. This degree of functionality is typically built into a support architecture providing change management and/or system monitoring capabilities. Automatic implementation of safeguards and countermeasures includes: reversing the change; halting the system; or triggering an audit alert when an unauthorized modification to a critical security file or process occurs. If countermeasures and safeguards are not present to monitor and react to changes to security mechanisms unauthorized changes could go unnoticed and an attacker could gain and retain access to the DBMS or the databases it serves.

STIG	Date
Database Security Requirements Guide	2012-07-02

Details

Check Text ( C-40858r1_chk )
Review DBMS settings to determine whether organization defined safeguards and countermeasures will be implemented if the DBMS security functions are changed inappropriately. If organization defined safeguards and countermeasures will not be implemented, this is a finding.

Fix Text (F-36331r1_fix)
Configure DBMS software to implement organization defined safeguards and countermeasures if DBMS security functions are changed inappropriately.