- MD3X-00-000010 - MongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.
- MD3X-00-000020 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.
- MD3X-00-000040 - MongoDB must provide audit record generation for DoD-defined auditable events within all DBMS/database components.
- MD3X-00-000190 - The audit information produced by MongoDB must be protected from unauthorized read access.
- MD3X-00-000220 - MongoDB must protect its audit features from unauthorized access.
- MD3X-00-000250 - MongoDB software installation account must be restricted to authorized users.
- MD3X-00-000260 - Database software, including DBMS configuration files, must be stored in dedicated directories, or DASD pools, separate from the host OS and other applications.
- MD3X-00-000280 - Unused database components, DBMS software, and database objects must be removed.
- MD3X-00-000290 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled - enabled
- MD3X-00-000290 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled - JSONPEnabled
- MD3X-00-000290 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled - RESTInterfaceEnabled
- MD3X-00-000310 - MongoDB must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
- MD3X-00-000310 - MongoDB must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
- MD3X-00-000320 - If DBMS authentication, using passwords, is employed, MongoDB must enforce the DoD standards for password complexity and lifetime.
- MD3X-00-000330 - If passwords are used for authentication, MongoDB must store only hashed, salted representations of passwords.
- MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - allowInvalidCertificates
- MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - CAFile
- MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - mode
- MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - PEMKeyFile
- MD3X-00-000360 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB - CAFile
- MD3X-00-000360 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB - PEMKeyFile
- MD3X-00-000370 - MongoDB must map the PKI-authenticated identity to an associated user account.
- MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations.
- MD3X-00-000390 - MongoDB must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
- MD3X-00-000410 - MongoDB must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values.
- MD3X-00-000420 - MongoDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.
- MD3X-00-000440 - MongoDB must protect the confidentiality and integrity of all information at rest.
- MD3X-00-000460 - Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy.
- MD3X-00-000470 - MongoDB must prevent unauthorized and unintended information transfer via shared system resources - .conf file
- MD3X-00-000470 - MongoDB must prevent unauthorized and unintended information transfer via shared system resources - Data Dir
