I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

SRG-APP-000175-DB-000067

Group

Show

PostgreSQL, when using PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation.

<VulnDiscussion>The DOD standard for authentication is DOD-approved PKI certificates. A certificate's certification path is the path from th...

Rule Medium Severity

Show

SRG-APP-000176-DB-000068

Group

Show

PostgreSQL must enforce authorized access to all PKI private keys stored/used by PostgreSQL.

<VulnDiscussion>The DOD standard for authentication is DOD-approved PKI certificates. PKI certificate-based authentication is performed by re...

Rule High Severity

Show

SRG-APP-000177-DB-000069

Group

Show

PostgreSQL must map the PKI-authenticated identity to an associated user account.

<VulnDiscussion>The DOD standard for authentication is DOD-approved PKI certificates. Once a PKI certificate has been validated, it must be m...

Rule Medium Severity

Show

SRG-APP-000179-DB-000114

Group

Show

PostgreSQL must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.

<VulnDiscussion>Use of weak or not validated cryptographic algorithms undermines the purposes of using encryption and digital signatures to p...

Rule High Severity

Show

SRG-APP-000180-DB-000115

Group

Show

PostgreSQL must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).

<VulnDiscussion>Nonorganizational users include all information system users other than organizational users, which include organizational em...

Rule Medium Severity

Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity

Modules