Detections
Analytics

CIS IBM DB2 OS L1 v1.2.0

Audit Details

Name: CIS IBM DB2 OS L1 v1.2.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.30

Estimated Item Count: 33

File Details

Filename: CIS_v1.2.0_IBM_DB2_OS_Linux_Level_1.audit

Size: 35.5 kB

MD5: 80fe8bba79983034bd77d0f7e8ba49b8
SHA256: aa6bee46d1f041d8e79169d70741a26c8bbe561609f8649f5b281b4ddcab2dbb

Audit Items

DescriptionCategories
1.0.2 Use IP address rather than hostname - 'db2system = IP'

CONFIGURATION MANAGEMENT

1.0.3 Leverage a least privilege principle
1.0.4 Use non-standard account names - '!= dasusr1'

CONFIGURATION MANAGEMENT

1.0.4 Use non-standard account names - '!= db2admin'

CONFIGURATION MANAGEMENT

1.0.4 Use non-standard account names - '!= db2fenc1'

CONFIGURATION MANAGEMENT

1.0.4 Use non-standard account names - '!= db2inst1'

CONFIGURATION MANAGEMENT

2.0.1 Secure DB2 Runtime Library
2.0.2 Secure all database containers
2.0.3 Set umask value for DB2 admin user .profile file

ACCESS CONTROL

3.1.6 Secure permission of default database location
3.1.8 Secure all diagnostic logs - 'diagpath location'

AUDIT AND ACCOUNTABILITY

3.2.4 Establish secure archive log location - 'logarchmeth1 location'
3.2.5 Secure permission of the primary archive log location
3.2.6 Establish secure secondary archive location - 'logarchmeth2 location'
3.2.7 Secure permission of the secondary archive log location
3.2.8 Establish secure tertiary archive location - 'failarchpath location'
3.2.9 Secure permission of the tertiary archive location
3.2.10 Establish secure log mirror location - 'mirrorlogpath location'
3.3.1 Establish DAS administrative group - 'dasadm_group name'

ACCESS CONTROL

4.0.2 Review Security Rule Exemptions
4.0.3 Review Security Label Component
4.0.4 Review Security Label Policies
4.0.5 Review Security Labels
5.0.2 Protecting Backups
5.0.4 Schedule Runstat and Reorg
7.0.3 Establish system maintenance group - 'sysmaint_group users'

ACCESS CONTROL

7.0.4 Establish system monitoring group - 'sysmon_group users'

ACCESS CONTROL

8.0.1 Start and Stop DB2 Instance
9.0.1 Secure DB2 Control Center
9.0.2 Secure DB2 Configuration Assistant Utility
9.0.3 Secure DB2 Health Monitor Utility
9.0.4 DB2 Activity Monitor Utility
CIS_v1.2.0_IBM_DB2_OS_Linux_Level_2.audit from CIS DB2 8, 9 & 9.5 for Linux