Information
DB2 Row and Column Access Control (RCAC) Policies control access to Db2 tables. They should match the organization's security and database access policies, and they should be regularly reviewed for gaps.
Rationale:
Missing, incomplete, or incorrect Db2 RCAC policies will increase the risks to the organization's protected data and will prevent efforts to monitor, alert, and respond to these risks in the future.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Create RCAC policies for each 'gap' listed from the Audit procedure.
Review the newly created Db2 RCAC policy against the organization's written policies.
Default Value:
Not installed