CIS IBM DB2 11 v1.1.0 Database Level 2

Name: CIS IBM DB2 11 v1.1.0 Database Level 2

Updated: 6/17/2024

Authority: CIS

Plugin: IBM_DB2DB

Revision: 1.1

Estimated Item Count: 16

Filename: CIS_IBM_DB2_11_v1.1.0_Level_2_Database.audit

Size: 31.7 kB

MD5: d5effd528eb40eedc5e6af0c7b911590

SHA256: 93465607c96215181ce10afaf7aaf01a1d738a266f1a4b7e09580fd45b7fd120

Description	Categories
4.1.1 Creating the Database Without PUBLIC Grants (RESTRICTIVE)	ACCESS CONTROL, MEDIA PROTECTION
6.4.1 Ensure Trusted Contexts are Enabled	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.1 Encrypt the Database	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.2 Do Not Use Encryption Algorithms that are Not Secure	SYSTEM AND SERVICES ACQUISITION
8.2.3 Secure the Configuration File	ACCESS CONTROL, MEDIA PROTECTION
8.2.4 Secure the Stash File	ACCESS CONTROL, MEDIA PROTECTION
8.2.5 Backup the Stash File	CONTINGENCY PLANNING
8.2.6 Create a Strong Password	IDENTIFICATION AND AUTHENTICATION
8.2.7 Backup Your Keystore	CONTINGENCY PLANNING
8.2.8 Backup Your Password In Case Stash File is Inaccessible or Corrupted	CONTINGENCY PLANNING
8.2.9 Rotate the Master Key	IDENTIFICATION AND AUTHENTICATION
8.2.10 Turn Off ALLOW_KEY_INSERT_WITHOUT_KEYSTORE_BACKUP	CONFIGURATION MANAGEMENT
8.2.11 Keep Master Key Labels Unique	CONFIGURATION MANAGEMENT
8.2.12 Retain All Master Keys	CONTINGENCY PLANNING
8.2.13 Set CFG Values in a Single Command	CONFIGURATION MANAGEMENT
8.2.14 Key Rotation in HADR Environment	CONFIGURATION MANAGEMENT