CIS v1.1.0 IBM DB2 v10 Windows OS Level 2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS v1.1.0 IBM DB2 v10 Windows OS Level 2

Updated: 3/3/2020

Authority: CIS

Plugin: Windows

Revision: 1.5

Estimated Item Count: 36

File Details

Filename: CIS_v1.1.0_IBM_DB2_v10_OS_Windows_Level_2.audit

Size: 58.4 kB

MD5: 9c31eb473bf3b5591834fcf809cef216

SHA256: 60902ac7b1fea26343ee55c45d6d8e63a8bc67a80b92be331011d2d890cd679f

Audit Items

Description	Categories
1.5 Configure DB2 to use non-standard ports - Port 523	CONFIGURATION MANAGEMENT
1.5 Configure DB2 to use non-standard ports - Port 50000	CONFIGURATION MANAGEMENT
2.4 Verify the groups within the DB2_GRP_LOOKUP environment variable are appropriate (Windows only)	ACCESS CONTROL
2.5 Verify the domains within the DB2DOMAINLIST environment variable are appropriate (Windows only)	ACCESS CONTROL
3.1.1 Enable audit buffer	AUDIT AND ACCOUNTABILITY
3.1.2 Encrypt user data across the network	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.3 Require explicit authorization for cataloging	ACCESS CONTROL
3.1.4 Disable datalinks support
3.1.6 Secure permissions for default database file path	ACCESS CONTROL, CONFIGURATION MANAGEMENT
3.1.7 Set diagnostic logging to capture errors and warnings	AUDIT AND ACCOUNTABILITY
3.1.8 Secure permissions for all diagnostic logs	ACCESS CONTROL, CONFIGURATION MANAGEMENT
3.1.9 Require instance name for discovery requests	CONFIGURATION MANAGEMENT
3.1.10 Disable instance discoverability	CONFIGURATION MANAGEMENT
3.1.11 Authenticate federated users at the instance level	ACCESS CONTROL
3.1.12 Set maximum connection limits - MAX_CONNECTIONS	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.12 Set maximum connection limits - MAX_COORDAGENTS	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.12 Set maximum connection limits - MAXAPPLS	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.13 Set administrative notification level	AUDIT AND ACCOUNTABILITY
3.1.14 Enable server-based authentication	IDENTIFICATION AND AUTHENTICATION
3.1.15 Set failed archive retry delay	CONFIGURATION MANAGEMENT
3.1.16 Auto-restart after abnormal termination	CONFIGURATION MANAGEMENT
3.1.17 Disable database discovery	CONFIGURATION MANAGEMENT
3.1.19 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
3.1.19 Secure permissions for the primary archive log location - LOGARCHMETH1 Setting	AUDIT AND ACCOUNTABILITY
3.1.25 Establish retention set size for backups	CONTINGENCY PLANNING
3.1.26 Set archive log failover retry limit	CONFIGURATION MANAGEMENT
5.3 Enable Automatic Database Maintenance	CONFIGURATION MANAGEMENT
7.1 Secure SYSADM authority - SYSADM Group	ACCESS CONTROL
7.1 Secure SYSADM authority - SYSADM Group Members
7.2 Secure SYSCTRL authority
7.2 Secure SYSCTRL authority - SYSCTRL Group Members	ACCESS CONTROL
9.4 Remove Default Databases	CONFIGURATION MANAGEMENT
9.9 Secure plug-in library locations - client	ACCESS CONTROL, CONFIGURATION MANAGEMENT
9.9 Secure plug-in library locations - group	ACCESS CONTROL, CONFIGURATION MANAGEMENT
9.9 Secure plug-in library locations - server	ACCESS CONTROL, CONFIGURATION MANAGEMENT
9.11 Ensure permissions on communication exit library locations	ACCESS CONTROL, CONFIGURATION MANAGEMENT

Detections

Analytics

CIS v1.1.0 IBM DB2 v10 Windows OS Level 2

Warning! Audit Deprecated

Audit Details

File Details

Audit Items