Applications that are designed and intended to address incident response scenarios must provide a configurable capability to automatically disable an information system if any of the organization defined security violations are detected.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32483	SRG-APP-000181-DB-NA	SV-42820r1_rule		Medium

Description
When responding to a security incident a capability must exist allowing authorized personnel to disable a particular system if the system exhibits a security violation and the organization determines an action is warranted. Organizations shall define a list of security violations that warrant an immediate disabling of a system. This requirement is for applications that are designed and intended to address incident response scenarios. This requirement is NA for databases.

Description

When responding to a security incident a capability must exist allowing authorized personnel to disable a particular system if the system exhibits a security violation and the organization determines an action is warranted. Organizations shall define a list of security violations that warrant an immediate disabling of a system. This requirement is for applications that are designed and intended to address incident response scenarios. This requirement is NA for databases.

STIG	Date
Database Security Requirements Guide	2012-07-02

Details

Check Text ( C-40920r1_chk )
This check is NA for databases.

Fix Text (F-36397r1_fix)
This fix is NA for databases.