Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-234071 | TANS-DB-000001 | SV-234071r612749_rule | Medium |
Description |
---|
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: limiting the types of responses provided to database queries, limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases, and notifying organizational personnel when atypical database queries or accesses occur. |
STIG | Date |
---|---|
Tanium 7.3 Security Technical Implementation Guide | 2021-12-20 |
Check Text ( C-37256r610713_chk ) |
---|
Consult with the Tanium System Administrator to determine the server to which the database has been installed and is configured. If the customer is using a Tanium Appliance, this is Not Applicable. If the database is installed on the same server as the Tanium Server or Tanium Module Server, this is a finding. |
Fix Text (F-37221r610714_fix) |
---|
Move the Tanium database from the Tanium Server or Tanium Module Server to a separate server. |