Check: SRG-APP-000226-DB-000147
Database SRG:
SRG-APP-000226-DB-000147
(in versions v4 r2 through v2 r9)
Title
In the event of a system failure, the DBMS must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. (Cat II impact)
Discussion
Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving information system state information helps to facilitate system restart and return to the operational mode of the organization with less disruption of mission/business processes. Since it is usually not possible to test this capability in a production environment, systems should either be validated in a testing environment or prior to installation. This requirement is usually a function of the design of the IDPS component. Compliance can be verified by acceptance/validation processes or vendor attestation.
Check Content
Check DBMS settings to determine whether organization-defined system state information is being preserved in the event of a system failure. If organization-defined system state information is not being preserved, this is a finding.
Fix Text
Configure DBMS settings to preserve any organization-defined system state information in the event of a system failure.
Additional Identifiers
Rule ID: SV-206569r961125_rule
Vulnerability ID: V-206569
Group Title: SRG-APP-000226
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001665 |
Preserve organization-defined system state information in the event of a system failure. |
Controls
Number | Title |
---|---|
SC-24 |
Fail in Known State |