CIS IBM DB2 11 v1.1.0 Database Level 2

Name: CIS IBM DB2 11 v1.1.0 Database Level 2

Updated: 4/8/2024

Authority: CIS

Plugin: IBM_DB2DB

Revision: 1.0

Estimated Item Count: 16

Filename: CIS_IBM_DB2_11_v1.1.0_Level_2_Database.audit

Size: 31.7 kB

MD5: 4e0bbfc32b64e282452b09a98ec6b0b9

SHA256: b9d2a02b49ba1b35801d8d8bef44a23341ecee875e26bfb4407d8200e43606c4

Description	Categories
4.1.1 Creating the Database Without PUBLIC Grants (RESTRICTIVE)	ACCESS CONTROL, MEDIA PROTECTION
6.4.1 Ensure Trusted Contexts are Enabled	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.1 Encrypt the Database	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.2 Do Not Use Encryption Algorithms that are Not Secure	SYSTEM AND SERVICES ACQUISITION
8.2.3 Secure the Configuration File	ACCESS CONTROL, MEDIA PROTECTION
8.2.4 Secure the Stash File	ACCESS CONTROL, MEDIA PROTECTION
8.2.5 Backup the Stash File	CONTINGENCY PLANNING
8.2.6 Create a Strong Password	IDENTIFICATION AND AUTHENTICATION
8.2.7 Backup Your Keystore	CONTINGENCY PLANNING
8.2.8 Backup Your Password In Case Stash File is Inaccessible or Corrupted	CONTINGENCY PLANNING
8.2.9 Rotate the Master Key	IDENTIFICATION AND AUTHENTICATION
8.2.10 Turn Off ALLOW_KEY_INSERT_WITHOUT_KEYSTORE_BACKUP	CONFIGURATION MANAGEMENT
8.2.11 Keep Master Key Labels Unique	CONFIGURATION MANAGEMENT
8.2.12 Retain All Master Keys	CONTINGENCY PLANNING
8.2.13 Set CFG Values in a Single Command	CONFIGURATION MANAGEMENT
8.2.14 Key Rotation in HADR Environment	CONFIGURATION MANAGEMENT