STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← AC-16 — Security and Privacy Attributes

CCI-002264

Definition

Provide the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission.

Parent Control

AC-16Security and Privacy AttributesAccess Control

Linked STIG Checks (28)

V-222395CAT IIThe application must associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission.Application Security and Development Security Technical Implementation GuideV-204781CAT IIThe application server must associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission.Application Server Security Requirements GuideV-242616CAT IIThe Cisco ISE must audit the execution of privileged functions.Cisco ISE NDM Security Technical Implementation GuideV-233521CAT IIPostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in transmission.Crunchy Data PostgreSQL Security Technical Implementation GuideV-261913CAT IIPostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in transmission.Crunchy Data Postgres 16 Security Technical Implementation GuideV-206584CAT IIThe DBMS must associate organization-defined types of security labels having organization-defined security label values with information in transmission.Database Security Requirements GuideV-235781CAT IIA policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.Docker Enterprise 2.x Linux/UNIX Security Technical Implementation GuideV-235782CAT IIA policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set.Docker Enterprise 2.x Linux/UNIX Security Technical Implementation GuideV-224190CAT IIThe EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in transmission.EDB Postgres Advanced Server v11 on Windows Security Technical Implementation GuideV-213616CAT IIThe EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in transmission.EDB Postgres Advanced Server v9.6 Security Technical Implementation GuideV-259271CAT IIThe EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in transmission.EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation GuideV-255936CAT IIIBM Integrated Crypto Service Facility (ICSF) install data sets are not properly protected.IBM z/OS RACF Security Technical Implementation GuideV-255941CAT IIIBM Integrated Crypto Service Facility (ICSF) install data sets are not properly protected.IBM z/OS TSS Security Technical Implementation GuideV-237899CAT IICA VM:Secure product must be installed and operating.IBM zVM Using CA VM:Secure Security Technical Implementation GuideV-242403CAT IIKubernetes API Server must generate audit records that identify what type of event has occurred, identify the source of the event, contain the event results, identify any users, and identify any containers associated with the event.Kubernetes Security Technical Implementation GuideV-213786CAT IIWhen supporting applications that require security labeling of data, SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in transmission.MS SQL Server 2014 Database Security Technical Implementation GuideV-253721CAT IIMariaDB must associate organization-defined types of security labels having organization-defined security label values with information in transmission.MariaDB Enterprise 10.x Security Technical Implementation GuideV-220376CAT IIMarkLogic Server must associate organization-defined types of security labels having organization-defined security label values with information in transmission.MarkLogic Server v9 Security Technical Implementation GuideV-255315CAT IIAzure SQL Database must associate organization-defined types of security labels having organization-defined security label values with information in transmission.Microsoft Azure SQL Database Security Technical Implementation GuideV-276231CAT IIAzure SQL Managed Instance must associate organization-defined types of security labels having organization-defined security label values with information.Microsoft Azure SQL Managed Instance Security Technical Implementation GuideV-271184CAT IISQL Server must associate organization-defined types of security labels having organization-defined security label values with information in process, transit, or storage.Microsoft SQL Server 2022 Database Security Technical Implementation GuideV-221185CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage.MongoDB Enterprise Advanced 3.x Security Technical Implementation GuideV-252144CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage and transmission.MongoDB Enterprise Advanced 4.x Security Technical Implementation GuideV-265934CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage.MongoDB Enterprise Advanced 7.x Security Technical Implementation GuideV-279371CAT IIMongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage.MongoDB Enterprise Advanced 8.x Security Technical Implementation GuideV-270498CAT IIOracle Database must associate organization-defined types of security labels having organization-defined security label values with information in storage.Oracle Database 19c Security Technical Implementation GuideV-235184CAT IIThe MySQL Database Server 8.0 must associate organization-defined types of security labels having organization-defined security label values with information in transmission.Oracle MySQL 8.0 Security Technical Implementation GuideV-214058CAT IIPostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in transmission.PostgreSQL 9.x Security Technical Implementation Guide