CIS IBM DB2 v10 v1.1.0 Database Level 2

Audit Details

Name: CIS IBM DB2 v10 v1.1.0 Database Level 2

Updated: 6/17/2024

Authority: CIS

Plugin: IBM_DB2DB

Revision: 1.1

Estimated Item Count: 67

File Details

Filename: CIS_IBM_DB2_10_v1.1.0_Level_2_Database.audit

Size: 84.4 kB

MD5: 5065ac7fb9ec9d8c2bb253aaf4c7f2c2
SHA256: 5dcb793cc66cce2144992586874a361dbd17fd125a4f4d1a7ea6925ce7bf4720

Audit Items

DescriptionCategories
1.1 Install the latest fix packs
1.3 Leverage the least privilege principle
1.6 Creating the database with the RESTERICTIVE clause
3.2.1 TCP/IP service name - svcename
3.2.2 SSL service name - ssl_svcename
3.2.3 Authentication type for incoming connections at the server - srvcon_auth
3.2.4 Database Manager Configuration parameter: trust_allclnts
3.2.5 Database Manager Configuration parameter: trust_clntauth
4.1 Review Organization's Policies against DB2 RCAC Policies
4.2 Secure SECADM Authority
4.4 Review Row Permission logic according to policy
4.5 Review Column Mask logic according to policy
5.1 Enable Backup Redundancy
5.2 Protecting Backups
6.1 Restrict Access to SYSCAT.AUDITPOLICIES

ACCESS CONTROL

6.2 Restrict Access to SYSCAT.AUDITUSE

ACCESS CONTROL

6.3 Restrict Access to SYSCAT.DBAUTH

ACCESS CONTROL

6.4 Restrict Access to SYSCAT.COLAUTH

ACCESS CONTROL

6.5 Restrict Access to SYSCAT.EVENTS

ACCESS CONTROL

6.6 Restrict Access to SYSCAT.EVENTTABLES

ACCESS CONTROL

6.7 Restrict Access to SYSCAT.ROUTINES

ACCESS CONTROL

6.8 Restrict Access to SYSCAT.INDEXAUTH

ACCESS CONTROL

6.9 Restrict Access to SYSCAT.PACKAGEAUTH

ACCESS CONTROL

6.10 Restrict Access to SYSCAT.PACKAGES

ACCESS CONTROL

6.11 Restrict Access to SYSCAT.PASSTHRUAUTH

ACCESS CONTROL

6.12 Restrict Access to SYSCAT.SECURITYPOLICIES

ACCESS CONTROL

6.13 Restrict Access to SYSCAT.SECURITYPOLICYEXEMPTIONS

ACCESS CONTROL

6.14 Restrict Access to SYSCAT.SURROGATEAUTHIDS

ACCESS CONTROL

6.15 Restrict Access to SYSCAT.ROLEAUTH

ACCESS CONTROL

6.16 Restrict Access to SYSCAT.ROLES

ACCESS CONTROL

6.17 Restrict Access to SYSCAT.ROUTINEAUTH

ACCESS CONTROL

6.18 Restrict Access to SYSCAT.SCHEMAAUTH

ACCESS CONTROL

6.19 Restrict Access to SYSCAT.SCHEMATA

ACCESS CONTROL

6.20 Restrict Access to SYSCAT.SEQUENCEAUTH

ACCESS CONTROL

6.21 Restrict Access to SYSCAT.STATEMENTS

ACCESS CONTROL

6.22 Restrict Access to SYSCAT.TABAUTH

ACCESS CONTROL

6.23 Restrict Access to SYSCAT.TBSPACEAUTH

ACCESS CONTROL

6.24 Restrict Access to Tablespaces

ACCESS CONTROL

6.25 Restrict Access to SYSCAT.MODULEAUTH

ACCESS CONTROL

6.26 Restrict Access to SYSCAT.VARIABLEAUTH

ACCESS CONTROL

6.27 Restrict Access to SYSCAT.WORKLOADAUTH

ACCESS CONTROL

6.28 Restrict Access to SYSCAT.XSROBJECTAUTH

ACCESS CONTROL

6.29 Restrict Access to SYSCAT.AUTHORIZATIONIDS

ACCESS CONTROL

6.30 Restrict Access to SYSIBMADM.OBJECTOWNERS

ACCESS CONTROL

6.31 Restrict Access to SYSIBMADM.PRIVILEGES

ACCESS CONTROL

7.5 Secure SECADM Authority
7.6 Secure DBADM Authority
7.7 Secure SQLADM Authority
7.8 Secure DATAACCESS Authority
7.9 Secure ACCESSCTRL Authority