| MD8X-00-000300 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | ACCESS CONTROL |
| MD8X-00-002700 - MongoDB database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be owned by database/DBMS principals authorized for ownership. | CONFIGURATION MANAGEMENT |
| MD8X-00-002800 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | CONFIGURATION MANAGEMENT |
| MD8X-00-003350 - MongoDB must be configured to restrict the use of administrator access to authorized IP addresses. | CONFIGURATION MANAGEMENT |
| MD8X-00-003400 - MongoDB must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | IDENTIFICATION AND AUTHENTICATION |
| MD8X-00-003600 - MongoDB must, for password-based authentication, store passwords using an approved salted key derivation function, preferably using a keyed hash. | IDENTIFICATION AND AUTHENTICATION |
| MD8X-00-004000 - MongoDB must map the PKI-authenticated identity to an associated user account. | IDENTIFICATION AND AUTHENTICATION |
| MD8X-00-004400 - MongoDB must separate user functionality (including user interface services) from database management functionality. | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| MD8X-00-005200 - Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy. | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD8X-00-005500 - MongoDB must check the validity of all data inputs except those specifically identified by the organization. | SYSTEM AND INFORMATION INTEGRITY |
| MD8X-00-005800 - MongoDB must provide nonprivileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | SYSTEM AND INFORMATION INTEGRITY |
| MD8X-00-005900 - MongoDB must reveal detailed error messages only to the information system security officer (ISSO), information system security manager (ISSM), system administrator (SA) and database administrator (DBA). | SYSTEM AND INFORMATION INTEGRITY |
| MD8X-00-006200 - MongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage. | ACCESS CONTROL |
| MD8X-00-006600 - MongoDB must prevent nonprivileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | ACCESS CONTROL |
| MD8X-00-006800 - MongoDB must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | AUDIT AND ACCOUNTABILITY |
| MD8X-00-007300 - MongoDB must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. | CONFIGURATION MANAGEMENT |
| MD8X-00-007400 - MongoDB must enforce access restrictions associated with changes to the configuration of MongoDB or database(s). | CONFIGURATION MANAGEMENT |
| MD8X-00-007600 - MongoDB must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance. | CONFIGURATION MANAGEMENT |
| MD8X-00-007900 - MongoDB must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD8X-00-008600 - When invalid inputs are received, MongoDB must behave in a predictable and documented manner that reflects organizational and system objectives. | SYSTEM AND INFORMATION INTEGRITY |
