CIS IBM DB2 11 v1.2.0 Database Level 2

Name: CIS IBM DB2 11 v1.2.0 Database Level 2

Updated: 12/4/2025

Authority: CIS

Plugin: IBM_DB2DB

Revision: 1.0

Estimated Item Count: 16

Filename: CIS_IBM_DB2_11_v1.2.0_Level_2_Database.audit

Size: 34.6 kB

MD5: 40cf61442c464b775f1541402bbb99ef

SHA256: 50a1cd7621e0bbef41501a2f865d1b8f209b9c3d98a5f351f67e1954cde151e0

Description	Categories
4.1.1 Creating the Database Without PUBLIC Grants (RESTRICTIVE)	ACCESS CONTROL, MEDIA PROTECTION
6.4.1 Ensure Trusted Contexts are Enabled	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.1 Encrypt the Database	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.2 Do Not Use Encryption Algorithms that are Not Secure	SYSTEM AND SERVICES ACQUISITION
8.2.3 Secure the Configuration File	ACCESS CONTROL, MEDIA PROTECTION
8.2.4 Secure the Stash File	ACCESS CONTROL, MEDIA PROTECTION
8.2.5 Backup the Stash File	CONTINGENCY PLANNING
8.2.6 Create a Strong Password	IDENTIFICATION AND AUTHENTICATION
8.2.7 Backup Your Keystore	CONTINGENCY PLANNING
8.2.8 Backup Your Password In Case Stash File is Inaccessible or Corrupted	CONTINGENCY PLANNING
8.2.9 Rotate the Master Key	IDENTIFICATION AND AUTHENTICATION
8.2.10 Turn Off ALLOW_KEY_INSERT_WITHOUT_KEYSTORE_BACKUP	CONFIGURATION MANAGEMENT
8.2.11 Keep Master Key Labels Unique	CONFIGURATION MANAGEMENT
8.2.12 Retain All Master Keys	CONTINGENCY PLANNING
8.2.13 Set CFG Values in a Single Command	CONFIGURATION MANAGEMENT
8.2.14 Key Rotation in HADR Environment	CONFIGURATION MANAGEMENT