CIS IBM DB2 12.1 v1.0.0 Database Level 2

Name: CIS IBM DB2 12.1 v1.0.0 Database Level 2

Updated: 5/8/2026

Authority: CIS

Plugin: IBM_DB2DB

Revision: 1.0

Estimated Item Count: 16

Filename: CIS_IBM_DB2_12.1_v1.0.0_Level_2_Database.audit

Size: 34.6 kB

MD5: 74d37815a901aae6dc3af0a11e09a535

SHA256: 82bf6911f2dc4315e7a8e18aecefeb653e6bba75714296da7896f40b32211bc9

Description	Categories
4.1.1 Creating the Database Without PUBLIC Grants (RESTRICTIVE)	ACCESS CONTROL, MEDIA PROTECTION
6.4.1 Ensure Trusted Contexts are Enabled	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.1 Encrypt the Database	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
8.2.2 Do Not Use Encryption Algorithms that are Not Secure	SYSTEM AND SERVICES ACQUISITION
8.2.3 Secure the Configuration File	ACCESS CONTROL, MEDIA PROTECTION
8.2.4 Secure the Stash File	ACCESS CONTROL, MEDIA PROTECTION
8.2.5 Backup the Stash File	CONTINGENCY PLANNING
8.2.6 Create a Strong Password	IDENTIFICATION AND AUTHENTICATION
8.2.7 Backup Your Keystore	CONTINGENCY PLANNING
8.2.8 Backup Your Password In Case Stash File is Inaccessible or Corrupted	CONTINGENCY PLANNING
8.2.9 Rotate the Master Key	IDENTIFICATION AND AUTHENTICATION
8.2.10 Turn Off ALLOW_KEY_INSERT_WITHOUT_KEYSTORE_BACKUP	CONFIGURATION MANAGEMENT
8.2.11 Keep Master Key Labels Unique	CONFIGURATION MANAGEMENT
8.2.12 Retain All Master Keys	CONTINGENCY PLANNING
8.2.13 Set CFG Values in a Single Command	CONFIGURATION MANAGEMENT
8.2.14 Key Rotation in HADR Environment	CONFIGURATION MANAGEMENT