V-206600
Database Security Requirements Guide
Title
The DBMS must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.
Description
The DOD standard for authentication of an interactive user is the presentation of a Common Access Card (CAC) or other physical token bearing a valid, current, DOD-issued Public Key Infrastructure (PKI) certificate, coupled with a Personal Identification Number (PIN) to be entered by the user at the beginning of each session and whenever reauthentication is required. Without reauthentication, users may access resources or perform tasks for which they do not have authorization. ...
Fix Text (Documentation Requirement)
Modify and/or configure the DBMS and related applications and tools so that users are always required to reauthenticate when changing role or escalating privileges. Modify and/or configure the DBMS and related applications and tools so that users are always required to reauthenticate when the specified cases needing reauthorization occur.