1.3 Leverage the least privilege principle | |
3.1.1 Enable audit buffer | |
3.1.3 Require explicit authorization for cataloging | |
3.1.4 Disable data links support | |
3.1.5 Secure default database location - DFTDBPATH set to INSTANCE_HOME | |
3.1.7 Set diagnostic logging to capture errors and warnings | |
3.1.9 Require instance name for discovery requests | |
3.1.10 Disable instance discoverability | |
3.1.11 Authenticate federated users at the instance level | ACCESS CONTROL |
3.1.12 Enable instance health monitoring | |
3.1.13 Retain fenced model processes | |
3.1.14 Set maximum connection limits - MAX_CONNECTIONS | ACCESS CONTROL |
3.1.14 Set maximum connection limits - MAX_COORDAGENTS | ACCESS CONTROL |
3.1.15 Set administrative notification level | AUDIT AND ACCOUNTABILITY |
3.1.16 Enable server-based authentication | IDENTIFICATION AND AUTHENTICATION |
3.2.4 Secure permissions for the primary archive log location | |
3.2.5 Secure permissions for the secondary archive log location | |
3.2.6 Secure permissions for the tertiary archive log location | |
3.2.7 Secure permissions for the log mirror location | |
4.2 Review security rule exemptions | |
4.3 Review security label components | |
4.4 Review security label policies | |
4.5 Review security labels | |
5.1 Enable backup redundancy | |
5.2 Protect backups | |
5.3 Enable automatic database maintenance | |
5.4 Schedule Runstat and Reorg | |
6.1 Restrict Access to SYSCAT.AUDITPOLICIES | ACCESS CONTROL |
6.2 Restrict Access to SYSCAT.AUDITUSE | ACCESS CONTROL |
6.3 Restrict Access to SYSCAT.DBAUTH | ACCESS CONTROL |
6.4 Restrict Access to SYSCAT.COLAUTH | ACCESS CONTROL |
6.5 Restrict Access to SYSCAT.EVENTS | ACCESS CONTROL |
6.6 Restrict Access to SYSCAT.EVENTTABLES | ACCESS CONTROL |
6.7 Restrict Access to SYSCAT.ROUTINES | ACCESS CONTROL |
6.8 Restrict Access to SYSCAT.INDEXAUTH | ACCESS CONTROL |
6.9 Restrict Access to SYSCAT.PACKAGEAUTH | ACCESS CONTROL |
6.10 Restrict Access to SYSCAT.PACKAGES | ACCESS CONTROL |
6.11 Restrict Access to SYSCAT.PASSTHRUAUTH | ACCESS CONTROL |
6.12 Restrict Access to SYSCAT.SECURITYLABELACCESS | ACCESS CONTROL |
6.13 Restrict Access to SYSCAT.SECURITYLABELCOMPONENTELEMENTS | ACCESS CONTROL |
6.14 Restrict Access to SYSCAT.SECURITYLABELCOMPONENTS | ACCESS CONTROL |
6.15 Restrict Access to SYSCAT.SECURITYLABELS | ACCESS CONTROL |
6.16 Restrict Access to SYSCAT.SECURITYPOLICIES | ACCESS CONTROL |
6.17 Restrict Access to SYSCAT.SECURITYPOLICYCOMPONENTRULES | ACCESS CONTROL |
6.18 Restrict Access to SYSCAT.SECURITYPOLICYEXEMPTIONS | ACCESS CONTROL |
6.19 Restrict Access to SYSCAT.SURROGATEAUTHIDS | ACCESS CONTROL |
6.20 Restrict Access to SYSCAT.ROLEAUTH | ACCESS CONTROL |
6.21 Restrict Access to SYSCAT.ROLES | ACCESS CONTROL |
6.22 Restrict Access to SYSCAT.ROUTINEAUTH | ACCESS CONTROL |
6.23 Restrict Access to SYSCAT.SCHEMAAUTH | ACCESS CONTROL |