Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
In the event of a system failure, the DBMS must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32529 | SRG-APP-000226-DB-000147 | SV-42866r3_rule | Medium |
| Description |
|---|
| Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving information system state information helps to facilitate system restart and return to the operational mode of the organization with less disruption of mission/business processes. Since it is usually not possible to test this capability in a production environment, systems should either be validated in a testing environment or prior to installation. This requirement is usually a function of the design of the IDPS component. Compliance can be verified by acceptance/validation processes or vendor attestation. |
| STIG | Date |
|---|---|
| Database Security Requirements Guide | 2016-03-18 |
Details
| Check Text ( C-40967r2_chk ) |
|---|
| Check DBMS settings to determine whether organization-defined system state information is being preserved in the event of a system failure. If organization-defined system state information is not being preserved, this is a finding. |
| Fix Text (F-36444r2_fix) |
|---|
| Configure DBMS settings to preserve any organization-defined system state information in the event of a system failure. |