VCPG-67-000008 – All VCDB tables must be owned by the ‘vc’ user account – vc user account.
Details Within the database, object ownership implies full privileges to the owned object, including the privilege to assign access to...
- Home
- Security Hardening
- DISA STIG VMware vSphere 6.7 PostgreSQL V1R1
DISA STIG VMware vSphere 6.7 PostgreSQL V1R1
VCPG-67-000009 – VMware Postgres must limit modify privileges to authorized accounts.
Details If VMware Postgres were to allow any user to make changes to database structure or logic, those changes might...VCPG-67-000011 – VMware Postgres must be configured to use the correct port.
Details To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within...VCPG-67-000012 – VMware Postgres must require authentication on all connections.
Details To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and...VCPG-67-000013 – VMware Postgres must be configured to use TLS.
Details The DoD standard for authentication is DoD-approved PKI certificates. Authentication based on user ID and password may be used...VCPG-67-000014 – VMware Postgres must enforce authorized access to all PKI private keys.
Details The DoD standard for authentication is DoD-approved PKI certificates. PKI certificate-based authentication is performed by requiring the certificate holder...VCPG-67-000015 – VMware Postgres must use FIPS 140-2 approved TLS ciphers.
Details Use of weak or unvalidated cryptographic algorithms undermines the purposes of using encryption and digital signatures to protect data....VCPG-67-000016 – VMware Postgres must write log entries to disk prior to returning operation success or failure – fsync
Details Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of...VCPG-67-000016 – VMware Postgres must write log entries to disk prior to returning operation success or failure – full_page_writes
Details Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of...VCPG-67-000016 – VMware Postgres must write log entries to disk prior to returning operation success or failure – synchronous_commit
Details Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of...