DoD STIGs – V-32402

Overview:

Title: The DBMS must protect audit data records and integrity by using cryptographic mechanisms.

Vulnerability ID: V-32402

STIG ID:

IA Controls: None

Severity: medium

Description: Protection of audit records and audit data is of critical importance. Cryptographic mechanisms are the industry established standard used to protect the integrity of audit data. An example of a cryptographic mechanism is the computation and application of a cryptographic-signed hash using asymmetric cryptography.

Non-repudiation protects individuals against later claims by an author of not having performed a particular action, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document.

Check Text: Review DBMS settings to determine whether the DBMS is using cryptographic mechanisms to protect audit data records and integrity. If cryptographic mechanisms are not used, this is a finding.

Fix Text: DBMS should use cryptographic mechanisms to protect audit data records and integrity.

[divider]

Interpreting V-32402:

Coming Soon!

Return to the DoD STIGs – Database Security Requirements Guide

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.