11. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 9/9/2019 5:41:22 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

11.1 Files compared

# Location File Last Modified
1 Webvram-v4.zip\20190725-webvram-source.zip\Documents\20190204_FISMA_WebVRAM(Azure)_ScanResults WebVRAM Database Scan Justifications.docx Tue Jul 23 23:11:38 2019 UTC
2 Webvram-v4.zip\20190725-webvram-source.zip\Documents\20190204_FISMA_WebVRAM(Azure)_ScanResults WebVRAM Database Scan Justifications.docx Tue Sep 3 19:49:48 2019 UTC

11.2 Comparison summary

Description Between
Files 1 and 2
Text Blocks Lines
Unchanged 1 60
Changed 0 0
Inserted 0 0
Removed 0 0

11.3 Comparison options

Whitespace
Character case Differences in character case are significant
Line endings Differences in line endings (CR and LF characters) are ignored
CR/LF characters Not shown in the comparison detail

11.4 Active regular expressions

No regular expressions were active.

11.5 Comparison detail

  1   Database S can Justif ications f or WebVRAM
  2  
  3   Summary: d bmanager o r loginman ager datab ase role g ranted
  4   Finding De tail:Occur renceType:  Finding R ole=loginm anager, Gr antee=VA-N SOC-DB-Sca n
  5   Justificat ion: User  granted ro le per the  database  scan scrip t
  6   Resolution : We’ll re move the u ser from t he databas e.
  7  
  8   Summary: D atabase ro le privile ge assignm ent
  9   Finding De tail:Occur renceType:  Finding
  10   Role Name= loginmanag er, Permis sion=SELEC T, Databas e=master,
  11   Object=sql _logins
  12   Justificat ion: Some  users need  to login  to the dat abase
  13   Resolution : User’s g ranted the  loginmana ger privil ege will b e document ed in the  system sec urity plan .
  14  
  15   Summary: A pplication  object ow nership
  16   Finding De tail:Occur renceType:  Finding
  17   Schema=db_ owner, Dat abase=WebV RAM_PrePro d,
  18   Type=DATAB ASE_ROLE
  19   Justificat ion: none
  20   Resolution : The obje ct ownersh ip will be  documente d in the s ystem secu rity plan  AND a user  will be c reated whi ch can rea d/write da ta but not  own the o bjects.
  21  
  22   Summary: D BMS data d efinition  language u se
  23   Finding De tail:Occur renceType:  Finding
  24   Owner=db_o wner, Sche ma Name=se clyr, Obje ct
  25   Type=DEFAU LT_CONSTRA INT, Creat ion Date=2 /4/2019 4: 20:36 PM,
  26   Object Nam e=DF_Users _Completed RequestFor m
  27   Justificat ion: none
  28   Resolution : The obje ct ownersh ip will be  documente d in the s ystem secu rity plan  AND a user  will be c reated whi ch can rea d/write da ta but not  allowed t o change t he data de finitions.
  29  
  30