CIS Oracle Server 18c DB Traditional Auditing v1.0.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Oracle Server 18c DB Traditional Auditing v1.0.0

Updated: 9/13/2023

Authority: CIS

Plugin: OracleDB

Revision: 1.2

Estimated Item Count: 80

File Details

Filename: CIS_Oracle_Server_18c_v1.0.0_L1_Database_Traditional.audit

Size: 116 kB

MD5: afdf19e13e33e8915e3adb23bf4bdc8a
SHA256: c41fdbd05fb73009bd3c85f0120065324396bab270975077f65c3efb275f20e2

Audit Items

Description
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed
2.2.1 Ensure 'AUDIT_SYS_OPERATIONS' Is Set to 'TRUE'
2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED'
2.2.3 Ensure 'GLOBAL_NAMES' Is Set to 'TRUE'
2.2.4 Ensure 'O7_DICTIONARY_ACCESSIBILITY' Is Set to 'FALSE'
2.2.5 Ensure 'OS_ROLES' Is Set to 'FALSE'
2.2.6 Ensure 'REMOTE_LISTENER' Is Empty
2.2.7 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'
2.2.8 Ensure 'REMOTE_OS_AUTHENT' Is Set to 'FALSE'
2.2.9 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'
2.2.10 Ensure 'SEC_CASE_SENSITIVE_LOGON' Is Set to 'TRUE'
2.2.11 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less
2.2.12 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'
2.2.13 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'
2.2.14 Ensure 'SEC_RETURN_SERVER_RELEASE_BANNER' Is Set to 'FALSE'
2.2.15 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'
2.2.16 Ensure '_trace_files_public' Is Set to 'FALSE'
2.2.17 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5'
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1'
3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'
3.4 Ensure 'PASSWORD_REUSE_MAX' Is Greater than or Equal to '20'
3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365'
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'
3.7 Ensure 'PASSWORD_VERIFY_FUNCTION' Is Set for All Profiles
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10'
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'
4.1 Ensure All Default Passwords Are Changed
4.2 Ensure All Sample Data And Users Have Been Removed
4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User
4.4 Ensure No Users Are Assigned the 'DEFAULT' Profile
4.5 Ensure 'SYS.USER$MIG' Has Been Dropped
4.6 Ensure No Public Database Links Exist
5.1.1.1 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Network' Packages - Network Packages
5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'File System' Packages - File System Packages
5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' Packages - Encryption Packages
5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Java' Packages - Java Packages
5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Job Scheduler' Packages - Job Scheduler Packages
5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' Packages - SQL Injection Helper Packages
5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on 'Non-default' Packages - Non-default Packages
5.1.3.1 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'AUD$'
5.1.3.2 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'DBA_%'
5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' Tables
5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'
5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES'
5.2.3 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'OUTLN'
5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP'
5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'
5.2.6 Ensure 'SELECT ANY TABLE' Is Revoked from Unauthorized 'GRANTEE'
5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'