The DBMS must have transaction journaling enabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32431	SRG-APP-000144-DB-000102	SV-42768r1_rule		Medium

Description
Application recovery and reconstitution constitutes executing an information system contingency plan that is comprised of activities that restore essential missions and business functions. Database management systems and transaction-based processing systems are examples of information systems that are transaction-based. Transaction rollback and transaction journaling are examples of mechanisms supporting transaction recovery. The maintenance of data integrity involves preservation and control of not only the data contents, but the relationships between two or more related data items and the actions taken on one that may affect others. A DBMS provides data integrity that may be affected by incomplete or interrupted transactions, by means of logging transaction events. This allows the database to recover data content to a point where the data content and its relationships are known to be intact. This data integrity is maintained when the data is undergoing a change or update event. Most DBMS’s enable transaction rollback or recovery by default and as an automatic feature of database recovery.

Description

Application recovery and reconstitution constitutes executing an information system contingency plan that is comprised of activities that restore essential missions and business functions. Database management systems and transaction-based processing systems are examples of information systems that are transaction-based. Transaction rollback and transaction journaling are examples of mechanisms supporting transaction recovery. The maintenance of data integrity involves preservation and control of not only the data contents, but the relationships between two or more related data items and the actions taken on one that may affect others. A DBMS provides data integrity that may be affected by incomplete or interrupted transactions, by means of logging transaction events. This allows the database to recover data content to a point where the data content and its relationships are known to be intact. This data integrity is maintained when the data is undergoing a change or update event. Most DBMS’s enable transaction rollback or recovery by default and as an automatic feature of database recovery.

STIG	Date
Database Security Requirements Guide	2012-07-02

Details

Check Text ( C-40872r1_chk )
Review DBMS settings that enable or disable transaction journaling. If the DBMS is not capable of transaction journaling or if journaling is disabled, this is a finding.

Fix Text (F-36345r1_fix)
Enable transaction journaling for the database. If the DBMS is not capable of transaction journaling, utilize a DBMS product that is capable.