CIS Oracle Server 12c DB Traditional Auditing v3.0.0

Audit Details

Name: CIS Oracle Server 12c DB Traditional Auditing v3.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: OracleDB

Revision: 1.4

Estimated Item Count: 82

File Details

Filename: CIS_Oracle_Server_12c_v3.0.0_L1_Database_Traditional.audit

Size: 316 kB

MD5: d42baf8f3d498fe123b2befc330c3c1d

SHA256: 89fedeed985ae4c4072939a7f8f23f9cc1acdf9e957cb383fb4fef2e20a69475

Audit Items

Description	Categories
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed	CONFIGURATION MANAGEMENT
2.2.1 Ensure 'AUDIT_SYS_OPERATIONS' Is Set to 'TRUE'	AUDIT AND ACCOUNTABILITY
2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED'	AUDIT AND ACCOUNTABILITY
2.2.3 Ensure 'GLOBAL_NAMES' Is Set to 'TRUE'	ACCESS CONTROL
2.2.4 Ensure 'O7_DICTIONARY_ACCESSIBILITY' Is Set to 'FALSE'	SYSTEM AND INFORMATION INTEGRITY
2.2.5 Ensure 'OS_ROLES' Is Set to 'FALSE'	ACCESS CONTROL
2.2.6 Ensure 'REMOTE_LISTENER' Is Empty	ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY
2.2.7 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'	ACCESS CONTROL
2.2.8 Ensure 'REMOTE_OS_AUTHENT' Is Set to 'FALSE'	IDENTIFICATION AND AUTHENTICATION
2.2.9 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'	IDENTIFICATION AND AUTHENTICATION
2.2.10 Ensure 'UTL_FILE_DIR' Is Empty	ACCESS CONTROL
2.2.11 Ensure 'SEC_CASE_SENSITIVE_LOGON' Is Set to 'TRUE'	IDENTIFICATION AND AUTHENTICATION
2.2.12 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less	ACCESS CONTROL
2.2.13 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to 'DROP,3'	ACCESS CONTROL
2.2.14 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'	AUDIT AND ACCOUNTABILITY
2.2.15 Ensure 'SEC_RETURN_SERVER_RELEASE_BANNER' Is Set to 'FALSE'	ACCESS CONTROL
2.2.16 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'	ACCESS CONTROL
2.2.17 Ensure '_trace_files_public' Is Set to 'FALSE'	ACCESS CONTROL
2.2.18 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'	ACCESS CONTROL
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5'	ACCESS CONTROL
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1'	ACCESS CONTROL
3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'	ACCESS CONTROL
3.4 Ensure 'PASSWORD_REUSE_MAX' Is Greater than or Equal to '20'	IDENTIFICATION AND AUTHENTICATION
3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365'	IDENTIFICATION AND AUTHENTICATION
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'	ACCESS CONTROL
3.7 Ensure 'PASSWORD_VERIFY_FUNCTION' Is Set for All Profiles	IDENTIFICATION AND AUTHENTICATION
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10'	ACCESS CONTROL
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	ACCESS CONTROL
4.1 Ensure All Default Passwords Are Changed	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
4.2 Ensure All Sample Data And Users Have Been Removed	ACCESS CONTROL
4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User	IDENTIFICATION AND AUTHENTICATION
4.4 Ensure No Users Are Assigned the 'DEFAULT' Profile	ACCESS CONTROL
4.5 Ensure 'SYS.USER$MIG' Has Been Dropped	IDENTIFICATION AND AUTHENTICATION
4.6 Ensure No Public Database Links Exist	ACCESS CONTROL
5.1.1.1 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Network' Packages	ACCESS CONTROL
5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'File System' Packages	ACCESS CONTROL
5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' Packages	ACCESS CONTROL
5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Java' Packages	ACCESS CONTROL
5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Job Scheduler' Packages	ACCESS CONTROL
5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' Packages	ACCESS CONTROL
5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on 'Non-default' Packages	ACCESS CONTROL
5.1.3.1 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'AUD$'	ACCESS CONTROL
5.1.3.2 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'DBA_%'	ACCESS CONTROL
5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' Tables	ACCESS CONTROL
5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'	ACCESS CONTROL
5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES'	ACCESS CONTROL
5.2.3 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'OUTLN'	ACCESS CONTROL
5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP'	ACCESS CONTROL
5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'	ACCESS CONTROL
5.2.6 Ensure 'SELECT ANY TABLE' Is Revoked from Unauthorized 'GRANTEE'	ACCESS CONTROL

Detections

Analytics

CIS Oracle Server 12c DB Traditional Auditing v3.0.0

Audit Details

File Details

Audit Items