CIS IBM DB2 v10 v1.1.0 Database Level 1

Audit Details

Name: CIS IBM DB2 v10 v1.1.0 Database Level 1

Updated: 6/17/2024

Authority: CIS

Plugin: IBM_DB2DB

Revision: 1.1

Estimated Item Count: 52

File Details

Filename: CIS_IBM_DB2_10_v1.1.0_Level_1_Database.audit

Size: 66.9 kB

MD5: d8745c167a754512d65ed6118f777549
SHA256: cb17fcb9e159b1efd603066b417460738bda315f6dec946abbde2c6fb2d3ec72

Audit Items

DescriptionCategories
1.1 Install the latest fix packs
1.3 Leverage the least privilege principle
1.6 Creating the database with the RESTERICTIVE clause
3.2.4 Database Manager Configuration parameter: trust_allclnts
3.2.5 Database Manager Configuration parameter: trust_clntauth
4.2 Secure SECADM Authority
5.1 Enable Backup Redundancy
5.2 Protecting Backups
6.1 Restrict Access to SYSCAT.AUDITPOLICIES

ACCESS CONTROL

6.2 Restrict Access to SYSCAT.AUDITUSE

ACCESS CONTROL

6.3 Restrict Access to SYSCAT.DBAUTH

ACCESS CONTROL

6.4 Restrict Access to SYSCAT.COLAUTH

ACCESS CONTROL

6.7 Restrict Access to SYSCAT.ROUTINES

ACCESS CONTROL

6.9 Restrict Access to SYSCAT.PACKAGEAUTH

ACCESS CONTROL

6.10 Restrict Access to SYSCAT.PACKAGES

ACCESS CONTROL

6.11 Restrict Access to SYSCAT.PASSTHRUAUTH

ACCESS CONTROL

6.12 Restrict Access to SYSCAT.SECURITYPOLICIES

ACCESS CONTROL

6.13 Restrict Access to SYSCAT.SECURITYPOLICYEXEMPTIONS

ACCESS CONTROL

6.14 Restrict Access to SYSCAT.SURROGATEAUTHIDS

ACCESS CONTROL

6.15 Restrict Access to SYSCAT.ROLEAUTH

ACCESS CONTROL

6.16 Restrict Access to SYSCAT.ROLES

ACCESS CONTROL

6.17 Restrict Access to SYSCAT.ROUTINEAUTH

ACCESS CONTROL

6.18 Restrict Access to SYSCAT.SCHEMAAUTH

ACCESS CONTROL

6.19 Restrict Access to SYSCAT.SCHEMATA

ACCESS CONTROL

6.20 Restrict Access to SYSCAT.SEQUENCEAUTH

ACCESS CONTROL

6.21 Restrict Access to SYSCAT.STATEMENTS

ACCESS CONTROL

6.22 Restrict Access to SYSCAT.TABAUTH

ACCESS CONTROL

6.23 Restrict Access to SYSCAT.TBSPACEAUTH

ACCESS CONTROL

6.24 Restrict Access to Tablespaces

ACCESS CONTROL

6.29 Restrict Access to SYSCAT.AUTHORIZATIONIDS

ACCESS CONTROL

6.30 Restrict Access to SYSIBMADM.OBJECTOWNERS

ACCESS CONTROL

6.31 Restrict Access to SYSIBMADM.PRIVILEGES

ACCESS CONTROL

7.5 Secure SECADM Authority
7.6 Secure DBADM Authority
7.7 Secure SQLADM Authority
7.8 Secure DATAACCESS Authority
7.9 Secure ACCESSCTRL Authority
7.10 Secure WLMADM authority
7.11 Secure CREATAB Authority
7.12 Secure BINDADD Authority
7.13 Secure CONNECT Authority
7.14 Secure LOAD Authority
7.15 Secure EXTERNALROUTINE Authority
7.16 Secure QUIESCECONNECT Authority
8.1 Review Roles
8.2 Review Role Members
8.4 Review Roles granted to PUBLIC
9.2 Remove Unused Schemas

CONFIGURATION MANAGEMENT

9.3 Review System Tablespaces

CONFIGURATION MANAGEMENT

9.8 Ensure Trusted Contexts are enabled