UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Recovery procedures and technical system features must exist to ensure recovery is done in a secure and verifiable manner.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32430 SRG-APP-000144-DB-000101 SV-42767r1_rule Medium
Description
Application recovery and reconstitution constitutes executing an information system contingency plan comprised of activities that restore essential missions and business functions. Database management systems and transaction-based processing systems are examples of information systems that are transaction-based. Transaction rollback and transaction journaling are examples of mechanisms supporting transaction recovery. A DBMS may be vulnerable to use of compromised data or other critical files during recovery. Use of compromised files could introduce maliciously altered application code, relaxed security settings or loss of data integrity. Where available, DBMS mechanisms to ensure use of only trusted files can help protect the database from this type of compromise during DBMS recovery.
STIG Date
Database Security Requirements Guide 2012-07-02

Details

Check Text ( C-40871r2_chk )
Review DBMS recovery procedures and technical system features to determine if mechanisms exist and are in place to specify use of trusted files during DBMS recovery. If recovery procedures do not exist or are not sufficient to ensure recovery is done in a secure and verifiable manner, this is a finding.

If system features exist and are not employed or not employed sufficiently, this is a finding.

If circumstances that can inhibit a trusted recovery are not documented and appropriate mitigating procedures have not been put in place, this is a finding.
Fix Text (F-36344r1_fix)
Implement DBMS recovery procedures and employ technical system features to specify trusted files during DBMS recovery.

Ensure circumstances that can inhibit a trusted recovery are documented and appropriate mitigating procedures have been put in place.