Overview:
Title: The DBMS must protect audit data records and integrity by using cryptographic mechanisms.
Vulnerability ID: V-32402
STIG ID:
IA Controls: None
Severity: medium
Description: Protection of audit records and audit data is of critical importance. Cryptographic mechanisms are the industry established standard used to protect the integrity of audit data. An example of a cryptographic mechanism is the computation and application of a cryptographic-signed hash using asymmetric cryptography.
Non-repudiation protects individuals against later claims by an author of not having performed a particular action, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document.
Check Text: Review DBMS settings to determine whether the DBMS is using cryptographic mechanisms to protect audit data records and integrity. If cryptographic mechanisms are not used, this is a finding.
Fix Text: DBMS should use cryptographic mechanisms to protect audit data records and integrity.
[divider]Interpreting V-32402:
Coming Soon!
Return to the DoD STIGs – Database Security Requirements Guide