Detections
Analytics

CIS v1.0.1 Oracle 11g OS Windows Level 1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS v1.0.1 Oracle 11g OS Windows Level 1

Updated: 2/1/2017

Authority: CIS

Plugin: Windows

Revision: 1.3

Estimated Item Count: 116

File Details

Filename: CIS_v1.0.1_Oracle_11g_OS_Windows_Level_1.audit

Size: 124 kB

MD5: b900b3236bf3c1cd6239c3d6a1ba82c4
SHA256: d15d77fc49de4166d72f39ca32f3c192bb104c225e2b0d58fba850b9aae39bab

Audit Items

DescriptionCategories
1.01 Windows platform - 'Do not install Oracle on a domain controller'
1.02 Windows Oracle Local Account - 'Use Restricted Service Account (RSA)'
1.03 Windows Oracle Domain Account - 'Use Restricted Service Account (RSA)'
1.04 Windows Oracle Account - 'Deny Log on Locally Right'
1.05 Windows Oracle Domain Global Group - 'Create a global group for the RSA and make it the RSA's primary group'
1.06 Windows Oracle Account Domain Users Group Membership - 'Remove the RSA from the Domain Users group'
1.07 Windows Oracle Domain Network Resource Permissions - 'Verify and set permissions'
1.08 Windows Oracle Domain Account Logon to...Value - 'Limit to machine running Oracle services'
1.09 Windows Program Folder Permissions - 'Verify and set permissions'
1.10 Windows Oracle Registry Key Permissions - 'Verify and set permissions'
1.11 Windows Oracle Registry Key Setting - 'Set OSAUTH_PREFIX_DOMAIN registry value to TRUE'
2.01 Installation - 'Try to ensure that no other users are connected while installing Oracle 11g'
2.02 Version/Patches - 'Ensure the latest version of Oracle software is being used, and that the latest patches are from Oracle Metalink have been applied'
2.03 Minimal Install - 'Ensure that only the Oracle components necessary to your environment are selected for installation'
2.04 tkprof - 'Remove from system'
2.05 listener.ora - 'Change default name of listener'
2.07 otrace - 'Disable'
2.08 Listener password - 'Use OS Authentication'
2.13 Service or SID name - 'Non-default'
3.01 Files in $ORACLE_HOME/bin - 'Verify and set ownership'
3.05 init.ora - 'Verify and restrict permissions'
3.06 spfile.ora - 'Verify and restrict permissions'
3.07 Database datafiles - 'Verify and restrict permissions'
3.08 init.ora - 'Verify permissions of file referenced by ifile parameter'
3.09 init.ora - 'audit_file_dest parameter settings'
3.10 init.ora - 'diagonostic_dest parameter settings'
3.11 init.ora - 'control_file parameter settings'
3.12 init.ora - 'log_archive_dest_n parameter settings'
3.13 Files in $ORACLE_HOME/network/admin directory - 'Verify and set permissions'
3.14 sqlnet.ora - 'Verify and set permissions with read permissions for everyone'
3.15 sqlnet.ora - 'log_directory_client parameter settings'
3.16 sqlnet.ora - 'log_directory_server parameter settings'
3.17 sqlnet.ora - 'trace_directory_client parameter settings'
3.18 sqlnet.ora - 'trace_directory_server parameter settings'
3.19 listener.ora - 'Verify and set permissions'
3.20 listener.ora - 'log_file_listener parameter settings'
3.21 listener.ora - 'trace_directory_listener_name parameter settings'
3.22 listener.ora - 'trace_file_listener_name parameter settings'
3.23 sqlplus - 'Verify and set permissions'
3.24 .htaccess - 'Verify and set permissions'
3.25 dads.conf - 'Verify and set permissions'
3.26 xsqlconfig.xml - 'Verify and set permissions'
4.01 init.ora - '_trace_file_public = FALSE'
4.02 init.ora - 'global_names = TRUE'
4.03 init.ora - 'remote_os_authent = FALSE'
4.04 init.ora - 'remote_os_roles = FALSE'
4.05 init.ora - 'remote_listener = NULL String'
4.06 init.ora - 'audit_trail parameter set to OS, DB, DB_EXTENDED, XML, or XML, EXTENDED'
4.07 init.ora - 'os_authent_prefix = NULL String'
4.08 init.ora - 'os_roles = FALSE'