| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206633 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The DBMS must generate audit records when unsucces... | - | |||
Check TextReview DBMS documentation to verify that authorized administrative users can designate actions as privileged and that audit records can be produced when the DBMS prevents attempted privileged actions. If the DBMS is not capable of this, this is a finding. Review the DBMS/database security and audit configurations to verify that audit records are produced when the DBMS prevents attempted privileged actions. If they are not produced, this is a finding. Fix TextDeploy a DBMS capable of producing the required audit records when the DBMS prevents attempted privileged action. Configure the DBMS to produce audit records when the DBMS prevents attempted privileged actions. CommentsPage 2 of reference document SQL Anywhere 17 - Auditing Options.pdf and SQL Anywhere 17 β Database Activity Audit.pdf specify the types of auditing events captured in the audit log. A setting of βallβ includes auditing of unsuccessful permission checks or executions of DDL statements, option changes, triggers, and xp_cmdshell invocations as well as all actions that require system privileges.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||