Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-32504 | SRG-APP-000201-DB-000145 | SV-42841r1_rule | Medium |
Description |
---|
The purpose of this control is to ensure organizations explicitly address the protection needs for public information and applications with such protection likely being implemented as part of other security controls. Databases designed to contain publicly available information, though not concerned with confidentiality, must still maintain the integrity of the data they house. If data available to the public is not protected from unauthorized modification then it cannot be trusted by those accessing it. |
STIG | Date |
---|---|
Database Security Requirements Guide | 2012-07-02 |
Check Text ( C-40942r1_chk ) |
---|
Determine whether the database houses and distributes information to the public. Review DBMS settings to determine whether controls exist to protect the integrity of publicly available information. If not, this is a finding. |
Fix Text (F-36419r1_fix) |
---|
Apply appropriate controls to protect the integrity of publicly available information. |