Documentation - V-220387

V-220387

MarkLogic Server v9 Security Technical Implementation Guide

CAT I

Title

MarkLogic Server must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components.

Description

<VulnDiscussion>DBMSs handling data requiring data-at-rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest. These cryptographic mechanisms may be native to the DBMS or implemented via additional software or operating system/file system settings, as appropriate to the situation. Selection of a cryptographic mechanism is based on the need to protect the integrity of organizational information. The strength of the mech...

Fix Text (Documentation Requirement)

Configure MarkLogic to provide the required level of cryptographic protection. Perform the fix from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Databases icon. 2. Click the database that is to be fixed. 3. Select ON from the data encryption drop-down.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel