Detections
Analytics

CIS v1.1.0 IBM DB2 v10 Windows OS Level 1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS v1.1.0 IBM DB2 v10 Windows OS Level 1

Updated: 3/3/2020

Authority: CIS

Plugin: Windows

Revision: 1.6

Estimated Item Count: 50

File Details

Filename: CIS_v1.1.0_IBM_DB2_v10_OS_Windows_Level_1.audit

Size: 83.9 kB

MD5: eea5c267356668db3d63093a2e2d281e
SHA256: 0225776ea90ef4c60fe3a009b371ee0932ea0893bfab40957bb1c2d8816e836c

Audit Items

DescriptionCategories
1.2 Use IP address rather than hostname

CONFIGURATION MANAGEMENT

1.4 Use non-default account names

ACCESS CONTROL

1.5 Configure DB2 to use non-standard ports - Port 523

CONFIGURATION MANAGEMENT

1.5 Configure DB2 to use non-standard ports - Port 50000

CONFIGURATION MANAGEMENT

2.1 Secure DB2 Runtime Library

ACCESS CONTROL, CONFIGURATION MANAGEMENT

2.2 Secure the database container directory

ACCESS CONTROL, CONFIGURATION MANAGEMENT

2.4 Verify the groups within the DB2_GRP_LOOKUP environment variable are appropriate (Windows only)

ACCESS CONTROL

2.5 Verify the domains within the DB2DOMAINLIST environment variable are appropriate (Windows only)

ACCESS CONTROL

3.1.1 Enable audit buffer

AUDIT AND ACCOUNTABILITY

3.1.2 Encrypt user data across the network

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.3 Require explicit authorization for cataloging

ACCESS CONTROL

3.1.4 Disable datalinks support
3.1.6 Secure permissions for default database file path

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.7 Set diagnostic logging to capture errors and warnings

AUDIT AND ACCOUNTABILITY

3.1.8 Secure permissions for all diagnostic logs

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.9 Require instance name for discovery requests

CONFIGURATION MANAGEMENT

3.1.10 Disable instance discoverability

CONFIGURATION MANAGEMENT

3.1.11 Authenticate federated users at the instance level

ACCESS CONTROL

3.1.12 Set maximum connection limits - MAX_CONNECTIONS

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.12 Set maximum connection limits - MAX_COORDAGENTS

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.12 Set maximum connection limits - MAXAPPLS

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.13 Set administrative notification level

AUDIT AND ACCOUNTABILITY

3.1.14 Enable server-based authentication

IDENTIFICATION AND AUTHENTICATION

3.1.15 Set failed archive retry delay

CONFIGURATION MANAGEMENT

3.1.16 Auto-restart after abnormal termination

CONFIGURATION MANAGEMENT

3.1.17 Disable database discovery

CONFIGURATION MANAGEMENT

3.1.19 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.1.19 Secure permissions for the primary archive log location - LOGARCHMETH1 Setting

AUDIT AND ACCOUNTABILITY

3.1.21 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permissions

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.1.21 Secure permissions for the secondary archive log location - LOGARCHMETH2 Setting

AUDIT AND ACCOUNTABILITY

3.1.23 Secure permissions for the tertiary archive log location - FAILARCHPATH OS Permissions

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.23 Secure permissions for the tertiary archive log location - FAILARCHPATH Setting

AUDIT AND ACCOUNTABILITY

3.1.24 Secure permissions for the log mirror location - MIRRORLOGPATH OS Permissions

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.1.24 Secure permissions for the log mirror location - MIRRORLOGPATH Setting

AUDIT AND ACCOUNTABILITY

3.1.25 Establish retention set size for backups

CONTINGENCY PLANNING

3.1.26 Set archive log failover retry limit

CONFIGURATION MANAGEMENT

4.3 Review Users, Groups, and Roles - Groups list

ACCESS CONTROL

4.3 Review Users, Groups, and Roles - Users list

ACCESS CONTROL

5.3 Enable Automatic Database Maintenance

CONFIGURATION MANAGEMENT

7.3 Secure SYSMAINT Authority

ACCESS CONTROL

7.4 Secure SYSMON Authority

ACCESS CONTROL

9.1 Start and Stop DB2 Instance

ACCESS CONTROL

9.4 Remove Default Databases

CONFIGURATION MANAGEMENT

9.5 Enable SSL communication with LDAP server

SYSTEM AND COMMUNICATIONS PROTECTION

9.6 Secure the permission of the IBMLDAPSecurity.ini file

ACCESS CONTROL, CONFIGURATION MANAGEMENT

9.7 Secure the permission of the SSLconfig.ini file

ACCESS CONTROL, CONFIGURATION MANAGEMENT

9.9 Secure plug-in library locations - client

ACCESS CONTROL, CONFIGURATION MANAGEMENT

9.9 Secure plug-in library locations - group

ACCESS CONTROL, CONFIGURATION MANAGEMENT

9.9 Secure plug-in library locations - server

ACCESS CONTROL, CONFIGURATION MANAGEMENT

9.11 Ensure permissions on communication exit library locations

ACCESS CONTROL, CONFIGURATION MANAGEMENT