| 1.1 Install the latest fix packs | |
| 1.3 Leverage the least privilege principle | |
| 1.6 Creating the database with the RESTERICTIVE clause | |
| 3.2.1 TCP/IP service name - svcename | |
| 3.2.2 SSL service name - ssl_svcename | |
| 3.2.3 Authentication type for incoming connections at the server - srvcon_auth | |
| 3.2.4 Database Manager Configuration parameter: trust_allclnts | |
| 3.2.5 Database Manager Configuration parameter: trust_clntauth | |
| 4.1 Review Organization's Policies against DB2 RCAC Policies | |
| 4.2 Secure SECADM Authority | |
| 4.4 Review Row Permission logic according to policy | |
| 4.5 Review Column Mask logic according to policy | |
| 5.1 Enable Backup Redundancy | |
| 5.2 Protecting Backups | |
| 6.1 Restrict Access to SYSCAT.AUDITPOLICIES | ACCESS CONTROL |
| 6.2 Restrict Access to SYSCAT.AUDITUSE | ACCESS CONTROL |
| 6.3 Restrict Access to SYSCAT.DBAUTH | ACCESS CONTROL |
| 6.4 Restrict Access to SYSCAT.COLAUTH | ACCESS CONTROL |
| 6.5 Restrict Access to SYSCAT.EVENTS | ACCESS CONTROL |
| 6.6 Restrict Access to SYSCAT.EVENTTABLES | ACCESS CONTROL |
| 6.7 Restrict Access to SYSCAT.ROUTINES | ACCESS CONTROL |
| 6.8 Restrict Access to SYSCAT.INDEXAUTH | ACCESS CONTROL |
| 6.9 Restrict Access to SYSCAT.PACKAGEAUTH | ACCESS CONTROL |
| 6.10 Restrict Access to SYSCAT.PACKAGES | ACCESS CONTROL |
| 6.11 Restrict Access to SYSCAT.PASSTHRUAUTH | ACCESS CONTROL |
| 6.12 Restrict Access to SYSCAT.SECURITYPOLICIES | ACCESS CONTROL |
| 6.13 Restrict Access to SYSCAT.SECURITYPOLICYEXEMPTIONS | ACCESS CONTROL |
| 6.14 Restrict Access to SYSCAT.SURROGATEAUTHIDS | ACCESS CONTROL |
| 6.15 Restrict Access to SYSCAT.ROLEAUTH | ACCESS CONTROL |
| 6.16 Restrict Access to SYSCAT.ROLES | ACCESS CONTROL |
| 6.17 Restrict Access to SYSCAT.ROUTINEAUTH | ACCESS CONTROL |
| 6.18 Restrict Access to SYSCAT.SCHEMAAUTH | ACCESS CONTROL |
| 6.19 Restrict Access to SYSCAT.SCHEMATA | ACCESS CONTROL |
| 6.20 Restrict Access to SYSCAT.SEQUENCEAUTH | ACCESS CONTROL |
| 6.21 Restrict Access to SYSCAT.STATEMENTS | ACCESS CONTROL |
| 6.22 Restrict Access to SYSCAT.TABAUTH | ACCESS CONTROL |
| 6.23 Restrict Access to SYSCAT.TBSPACEAUTH | ACCESS CONTROL |
| 6.24 Restrict Access to Tablespaces | ACCESS CONTROL |
| 6.25 Restrict Access to SYSCAT.MODULEAUTH | ACCESS CONTROL |
| 6.26 Restrict Access to SYSCAT.VARIABLEAUTH | ACCESS CONTROL |
| 6.27 Restrict Access to SYSCAT.WORKLOADAUTH | ACCESS CONTROL |
| 6.28 Restrict Access to SYSCAT.XSROBJECTAUTH | ACCESS CONTROL |
| 6.29 Restrict Access to SYSCAT.AUTHORIZATIONIDS | ACCESS CONTROL |
| 6.30 Restrict Access to SYSIBMADM.OBJECTOWNERS | ACCESS CONTROL |
| 6.31 Restrict Access to SYSIBMADM.PRIVILEGES | ACCESS CONTROL |
| 7.5 Secure SECADM Authority | |
| 7.6 Secure DBADM Authority | |
| 7.7 Secure SQLADM Authority | |
| 7.8 Secure DATAACCESS Authority | |
| 7.9 Secure ACCESSCTRL Authority | |
