STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← AC-16 — Security and Privacy Attributes

CCI-002263

Definition

Provide the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in process.

Parent Control

AC-16Security and Privacy AttributesAccess Control

Linked STIG Checks (32)

V-222394CAT IIThe application must associate organization-defined types of security attributes having organization-defined security attribute values with information in process.Application Security and Development Security Technical Implementation GuideV-204780CAT IIThe application server must associate organization-defined types of security attributes having organization-defined security attribute values with information in process.Application Server Security Requirements GuideV-251655CAT IIThe DBMS must associate organization-defined types of security labels having organization-defined security label values with information in process.CA IDMS Security Technical Implementation GuideV-233595CAT IIPostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in process.Crunchy Data PostgreSQL Security Technical Implementation GuideV-261912CAT IIPostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in process.Crunchy Data Postgres 16 Security Technical Implementation GuideV-206583CAT IIThe DBMS must associate organization-defined types of security labels having organization-defined security label values with information in process.Database Security Requirements GuideV-235781CAT IIA policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.Docker Enterprise 2.x Linux/UNIX Security Technical Implementation GuideV-235782CAT IIA policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set.Docker Enterprise 2.x Linux/UNIX Security Technical Implementation GuideV-224189CAT IIThe EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in process.EDB Postgres Advanced Server v11 on Windows Security Technical Implementation GuideV-213615CAT IIThe EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in process.EDB Postgres Advanced Server v9.6 Security Technical Implementation GuideV-259270CAT IIThe EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in process.EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation GuideV-213717CAT IIWhen supporting applications that require security labeling of data, DB2 must associate organization-defined types of security labels having organization-defined security label values with information in process.IBM DB2 V10.5 LUW Security Technical Implementation GuideV-237942CAT IIThe CA VM:Secure LOGONBY command must be restricted to system administrators.IBM zVM Using CA VM:Secure Security Technical Implementation GuideV-242436CAT IThe Kubernetes API server must have the ValidatingAdmissionWebhook enabled.Kubernetes Security Technical Implementation GuideV-242437CAT IKubernetes must have a pod security policy set.Kubernetes Security Technical Implementation GuideV-254800CAT IKubernetes must have a Pod Security Admission control file configured.Kubernetes Security Technical Implementation GuideV-254801CAT IKubernetes must enable PodSecurity admission controller on static pods and Kubelets.Kubernetes Security Technical Implementation GuideV-213785CAT IIWhen supporting applications that require security labeling of data, SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in process.MS SQL Server 2014 Database Security Technical Implementation GuideV-213919CAT IISQL Server must associate organization-defined types of security labels having organization-defined security label values with information in process, transit, or storage.MS SQL Server 2016 Database Security Technical Implementation GuideV-205539CAT IIThe Mainframe Product must associate types of security attributes having security attribute values as defined in site security plan with information in process.Mainframe Product Security Requirements GuideV-253720CAT IIMariaDB must associate organization-defined types of security labels having organization-defined security label values with information in process.MariaDB Enterprise 10.x Security Technical Implementation GuideV-220375CAT IIMarkLogic Server must associate organization-defined types of security labels having organization-defined security label values with information in process.MarkLogic Server v9 Security Technical Implementation GuideV-255314CAT IIAzure SQL Database must associate organization-defined types of security labels having organization-defined security label values with information in process.Microsoft Azure SQL Database Security Technical Implementation GuideV-276231CAT IIAzure SQL Managed Instance must associate organization-defined types of security labels having organization-defined security label values with information.Microsoft Azure SQL Managed Instance Security Technical Implementation GuideV-271184CAT IISQL Server must associate organization-defined types of security labels having organization-defined security label values with information in process, transit, or storage.Microsoft SQL Server 2022 Database Security Technical Implementation GuideV-221185CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage.MongoDB Enterprise Advanced 3.x Security Technical Implementation GuideV-252144CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage and transmission.MongoDB Enterprise Advanced 4.x Security Technical Implementation GuideV-265934CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage.MongoDB Enterprise Advanced 7.x Security Technical Implementation GuideV-279371CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage.MongoDB Enterprise Advanced 8.x Security Technical Implementation GuideV-270498CAT IIOracle Database must associate organization-defined types of security labels having organization-defined security label values with information in storage.Oracle Database 19c Security Technical Implementation GuideV-235183CAT IIThe MySQL Database Server 8.0 must associate organization-defined types of security labels having organization-defined security label values with information in process.Oracle MySQL 8.0 Security Technical Implementation GuideV-214129CAT IIPostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in process.PostgreSQL 9.x Security Technical Implementation Guide