The VMM must implement cryptographic mechanisms to prevent unauthorized disclosure of all information at rest on all VMM components.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-207495	SRG-OS-000405-VMM-001660	SV-207495r958872_rule		Medium

Description

VMMs handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure of the information at rest. Selection of a cryptographic mechanism is based on the need to protect the integrity of organizational information. The strength of the mechanism is commensurate with the security category and/or classification of the information.

STIG	Date
Virtual Machine Manager Security Requirements Guide	2024-12-06

Details

Check Text (C-7752r365889_chk)

Verify the VMM implements cryptographic mechanisms to prevent unauthorized disclosure of all information at rest on all VMM components.

If it does not, this is a finding.

Fix Text (F-7752r365890_fix)

Configure the VMM to implement cryptographic mechanisms to prevent unauthorized disclosure of all information at rest on all VMM components.