- DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals - config file
- DB2X-00-002200 - The audit information produced by DB2 must be protected from unauthorized read access - ownership
- DB2X-00-002200 - The audit information produced by DB2 must be protected from unauthorized read access - verify setting
- DB2X-00-002300 - The audit information produced by DB2 must be protected from unauthorized modification - ownership
- DB2X-00-002300 - The audit information produced by DB2 must be protected from unauthorized modification - verify setting
- DB2X-00-002400 - The audit information produced by DB2 must be protected from unauthorized deletion - ownership
- DB2X-00-002400 - The audit information produced by DB2 must be protected from unauthorized deletion - verify setting
- DB2X-00-002900 - The OS must limit privileges to change the DB2 software resident within software libraries (including privileged programs) - INSTALL
- DB2X-00-002900 - The OS must limit privileges to change the DB2 software resident within software libraries (including privileged programs) - INSTANCE
- DB2X-00-003100 - Database software, including DBMS configuration files, must be stored in dedicated directories, separate from the host OS and other applications - INSTALL
- DB2X-00-003100 - Database software, including DBMS configuration files, must be stored in dedicated directories, separate from the host OS and other applications - INSTANCE
- DB2X-00-003400 - Default demonstration and sample databases, database objects, and applications must be removed.
- DB2X-00-003500 - Unused database components, DBMS software, and database objects must be removed.
- DB2X-00-003800 - DB2 must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments - SSL_SVCENAME
- DB2X-00-003800 - DB2 must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments - SVCENAME
- DB2X-00-003800 - DB2 must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.
- DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords - AUTHENTICATION
- DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords - DB2AUTH
- DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - DB2COMM
- DB2X-00-005100 - DB2 must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values - SSL
- DB2X-00-005100 - DB2 must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values - SSL_SVCENAME
- DB2X-00-005100 - DB2 must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values - SVCENAME
- DB2X-00-005300 - In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes - History
- DB2X-00-005300 - In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes - Recovery Plan
- DB2X-00-005300 - In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes - Roll forward
- DB2X-00-005300 - In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes - Tested
- DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Audit Log
- DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Backup History
- DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Database
- DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Instance
