An error occurred:

Check: SRG-OS-000405-VMM-001660

Virtual Machine Manager SRG: SRG-OS-000405-VMM-001660 (in versions v2 r2 through v1 r3)

Title

The VMM must implement cryptographic mechanisms to prevent unauthorized disclosure of all information at rest on all VMM components. (Cat II impact)

Discussion

VMMs handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure of the information at rest. Selection of a cryptographic mechanism is based on the need to protect the integrity of organizational information. The strength of the mechanism is commensurate with the security category and/or classification of the information.

Check Content

Verify the VMM implements cryptographic mechanisms to prevent unauthorized disclosure of all information at rest on all VMM components. If it does not, this is a finding.

Fix Text

Configure the VMM to implement cryptographic mechanisms to prevent unauthorized disclosure of all information at rest on all VMM components.

Additional Identifiers

Rule ID: SV-207495r958872_rule

Vulnerability ID: V-207495

Group Title: SRG-OS-000405

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-002476

Implement cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined system components.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-28(1)

Cryptographic Protection