DoD STIGs – V-32431

Overview:

Title: The DBMS must have transaction journaling enabled.

Vulnerability ID: V-32431

STIG ID:

IA Controls: None

Severity: medium

Description: Application recovery and reconstitution constitutes executing an information system contingency plan that is comprised of activities that restore essential missions and business functions.

Database management systems and transaction-based processing systems are examples of information systems that are transaction-based. Transaction rollback and transaction journaling are examples of mechanisms supporting transaction recovery.

The maintenance of data integrity involves preservation and control of not only the data contents, but the relationships between two or more related data items and the actions taken on one that may affect others. A DBMS provides data integrity that may be affected by incomplete or interrupted transactions, by means of logging transaction events. This allows the database to recover data content to a point where the data content and its relationships are known to be intact. This data integrity is maintained when the data is undergoing a change or update event. Most DBMS’s enable transaction rollback or recovery by default and as an automatic feature of database recovery.

Check Text: Review DBMS settings that enable or disable transaction journaling. If the DBMS is not capable of transaction journaling or if journaling is disabled, this is a finding.

Fix Text: Enable transaction journaling for the database. If the DBMS is not capable of transaction journaling, utilize a DBMS product that is capable.

[divider]

Interpreting V-32431:

Coming Soon!

Return to the DoD STIGs – Database Security Requirements Guide

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.