Detections
Analytics

DISA STIG Oracle 11 Installation v8r19 Linux

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Oracle 11 Installation v8r19 Linux

Updated: 9/8/2017

Authority: DISA STIG

Plugin: Unix

Revision: 1.1

Estimated Item Count: 114

Audit Items

DescriptionCategories
DG0001: Vendor supported software is evaluated and patched against newly found vulnerabilities.
DG0003: DBMS security patch level
DG0005: DBMS administration OS accounts - 'DBA user group members'

ACCESS CONTROL

DG0005: DBMS administration OS accounts - 'No dba account is a member of the root group'

ACCESS CONTROL

DG0005: DBMS administration OS accounts - 'root is not a member of dba groups'

ACCESS CONTROL

DG0007: The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable.
DG0009: DBMS software library permissions - '/etc/profile umask < 022'

ACCESS CONTROL

DG0009: DBMS software library permissions - 'umask < 0022'

ACCESS CONTROL

DG0010: DBMS software monitoring
DG0011: DBMS Configuration Management
DG0012: DBMS software storage location - 'No unauthorized directories exist in $ORACLE_BASE'

CONFIGURATION MANAGEMENT

DG0013: Database backup procedures should be defined, documented and implemented.
DG0016: DBMS unused components
DG0017: DBMS shared production/development use

CONFIGURATION MANAGEMENT

DG0019: DBMS software ownership

CONFIGURATION MANAGEMENT

DG0020: Backup and recovery procedures should be developed, documented, implemented and periodically tested.
DG0021: DBMS software and configuration baseline
DG0025: DBMS encryption compliance
DG0025: DBMS encryption compliance - '$ORACLE_HOME/network/admin/sqlnet.ora SQLNET.SSLFIPS_140 = true'

SYSTEM AND COMMUNICATIONS PROTECTION

DG0025: DBMS encryption compliance - '$ORACLE_HOME/network/admin/sqlnet.ora SSL_CIPHER_SUITES is configured'

SYSTEM AND COMMUNICATIONS PROTECTION

DG0040: DBMS software owner account access - '$ORACLE_BASE owner, group and permissions are configured'

CONFIGURATION MANAGEMENT

DG0040: DBMS software owner account access - '$ORACLE_HOME owner, group and permissions are configured'

CONFIGURATION MANAGEMENT

DG0040: DBMS software owner account access - 'Oracle install account is disabled'

ACCESS CONTROL

DG0041: DBMS installation account use logging
DG0042: DBMS software installation account use
DG0050: DBMS software and configuration file monitoring
DG0052: All applications that access the database should be logged in the audit trail.
DG0053: DBMS client connection definition file
DG0054: The audit logs should be periodically monitored to discover DBMS access using unauthorized applications.
DG0063: DBMS privileges to restore database data or other configurations, features, or objects should be restricted to authorized accounts.
DG0064: DBMS backup and restoration files should be protected from unauthorized access.
DG0066: DBMS temporary password procedures
DG0067: DBMS account password storage
DG0068: DBMS application password display
DG0069: Procedures and restrictions for import of production data to development databases should be documented, implemented and followed.
DG0083: Automated notification of suspicious activity detected in the audit trail should be implemented.
DG0086: DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges.
DG0088: The DBMS should be periodically tested for vulnerability management and IA compliance.
DG0090: Sensitive information stored in the database should be protected by encryption.
DG0092: Database data files containing sensitive information should be encrypted.
DG0093: Remote administrative connection encryption - '$ORACLE_HOME/ldap/admin/fips.ora SSLFIPS_140 = true'

SYSTEM AND COMMUNICATIONS PROTECTION

DG0093: Remote administrative connection encryption - 'Remote admin connections are encrypted'

ACCESS CONTROL

DG0095: DBMS audit trail data review
DG0096: The DBMS IA policies and procedures should be reviewed annually or more frequently.
DG0097: Plans/procedures for testing DBMS installs, upgrades and patches should be defined and followed prior to production implementation.
DG0099: DBMS access to external local executables - '$ORACLE_HOME/bin/extproc does not exist'

CONFIGURATION MANAGEMENT

DG0099: DBMS access to external local executables - '$ORACLE_HOME/network/admin/listener.ora PROGRAM=EXTPROC does not exist'

CONFIGURATION MANAGEMENT

DG0099: DBMS access to external local executables - '$ORACLE_HOME/network/admin/tnsnames.ora EXTPROC PROTOCOL=IPC'

CONFIGURATION MANAGEMENT

DG0099: DBMS access to external local executables - '$ORACLE_HOME/network/admin/tnsnames.ora KEY=EXTPROC does not exist'

CONFIGURATION MANAGEMENT

DG0099: DBMS access to external local executables - '$ORACLE_HOME/rdbms/admin/externaljob.ora run_group = nobody'

CONFIGURATION MANAGEMENT