From Authentication Authorization and Accounting Service Security Requirements Guide
Part of SRG-APP-000231-AAA-000061
Associated with: CCI-001199
Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive and tape drive) within an organizational information system. Mobile devices, laptops, desktops, and storage devices can be either lost or stolen, and the contents of their data storage (e.g., hard drives and non-volatile memory) can be read, copied, or altered. Applications and application users generate information throughout the course of their application use.
Verify the AAA Service is configured to protect the confidentiality and integrity of all information at rest. The AAA Service may leverage the capability of an operating system or purpose-built module for this purpose. Potential locations include the local file system where configurations and events are stored, or in a related database table. If the AAA Service is not configured to protect the confidentiality and integrity of all information at rest, this is a finding.
Configure the AAA Service to protect the confidentiality and integrity of all information at rest. The AAA Service may leverage the capability of an operating system or require the use of a purpose-built module for this purpose. Potential locations include the local file system where configurations and events are stored, or in a related database table.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer