DB2X-00-003500 - Unused database components, DBMS software, and database objects must be removed.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Information systems are capable of providing a wide variety of functions and services. Some of the functions and services, provided by default, may not be necessary to support essential organizational operations (e.g., key missions, functions).

It is detrimental for software products to provide, or install by default, functionality exceeding requirements or mission objectives.

DBMSs must adhere to the principles of least functionality by providing only essential capabilities.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

On UNIX/Linux, run the following db2_deinstall command to remove the non-essential features:

$db2_deinstall -F <feature>

Note: The db2_deinstall command is located at DB2DIR/install, where DB2DIR is the location where the current version of the DB2 database product is installed. (If uncertain of the value to provide for DB2DIR, find it using the db2level command.

On Windows, run the db2unins command to remove one or more db2 product, feature or languages.

>>-db2unins -p product (to remove db2 product)
or
>>-db2unins -u response-file (to remove db2 product, feature or languages.)

Note:
Use the following URL to access the knowledgebase documentation on the db2_deinstall command:
http://www.ibm.com/support/knowledgecenter/en/SSEPGG_10.5.0/com.ibm.db2.luw.admin.cmd.doc/doc/r0023670.html

Use the following URL to access the knowledgebase documentation on the db2unins command:
http://www-01.ibm.com/support/knowledgecenter/SSEPGGman db2__10.5.0/com.ibm.db2.luw.admin.cmd.doc/doc/r0023371.html?lang=en

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_DB2_V10-5_V1R4_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CAT|II, CCI|CCI-000381, Rule-ID|SV-89153r1_rule, STIG-ID|DB2X-00-003500, Vuln-ID|V-74479

Plugin: Unix

Control ID: 288b48fafba070714676a2ec63b1bc48d8a851c8b988a8c338d1bf535d2a8c64