4.4 Review Row Permission logic according to policy

Information

The logic behind instituting row permissions is crucial for a successful security policy. Inspecting this logic and comparing it to the security policy will assure that all aspects of the data access controls are being adhered to.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

1. Create RCAC Policies for each 'gap' listed from the Audit procedure.
2. Review the newly created DB2 RCAC policy against the organization's policy

See Also

https://workbench.cisecurity.org/files/162