Revision 1.1

Dec 14, 2018
Informational Update
  • DG0001: Vendor supported software is evaluated and patched against newly found vulnerabilities.
  • DG0003: DBMS security patch level
  • DG0007: The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable.
  • DG0010: DBMS software monitoring
  • DG0011: DBMS Configuration Management
  • DG0013: Database backup procedures should be defined, documented and implemented.
  • DG0016: DBMS unused components
  • DG0020: Backup and recovery procedures should be developed, documented, implemented and periodically tested.
  • DG0021: DBMS software and configuration baseline
  • DG0025: DBMS encryption compliance
  • DG0041: DBMS installation account use logging
  • DG0042: DBMS software installation account use
  • DG0050: DBMS software and configuration file monitoring
  • DG0052: All applications that access the database should be logged in the audit trail.
  • DG0053: DBMS client connection definition file
  • DG0054: The audit logs should be periodically monitored to discover DBMS access using unauthorized applications.
  • DG0063: DBMS privileges to restore database data or other configurations, features, or objects should be restricted to authorized accounts.
  • DG0064: DBMS backup and restoration files should be protected from unauthorized access.
  • DG0066: DBMS temporary password procedures
  • DG0067: DBMS account password storage
  • DG0068: DBMS application password display
  • DG0069: Procedures and restrictions for import of production data to development databases should be documented, implemented and followed.
  • DG0083: Automated notification of suspicious activity detected in the audit trail should be implemented.
  • DG0086: DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges.
  • DG0088: The DBMS should be periodically tested for vulnerability management and IA compliance.
  • DG0090: Sensitive information stored in the database should be protected by encryption.
  • DG0092: Database data files containing sensitive information should be encrypted.
  • DG0095: DBMS audit trail data review
  • DG0096: The DBMS IA policies and procedures should be reviewed annually or more frequently.
  • DG0097: Plans/procedures for testing DBMS installs, upgrades and patches should be defined and followed prior to production implementation.
  • DG0101: OS accounts used to execute external procedures should be assigned minimum privileges.
  • DG0106: Database data encryption controls should be configured in accordance with application requirements.
  • DG0107: Sensitive data is stored in the DB and should be identified in the System Security Plan and AIS Functional Architecture documentation.
  • DG0108: The DBMS restoration priority should be assigned.
  • DG0115: Recovery procedures and technical system features exist to ensure that recovery is done in a secure and verifiable manner.
  • DG0118: The IAM should review changes to DBA role assignments.
  • DG0120: Unauthorized access to external database objects should be removed from application user roles.
  • DG0129: Passwords should be encrypted when transmitted across the network.
  • DG0140: Access to DBMS security data should be audited.
  • DG0154: The DBMS requires a System Security Plan containing all required information.
  • DG0155: The DBMS should have configured all applicable settings to use trusted files, functions, features, or other components.
  • DG0157: Remote DBMS administration should be documented and authorized or disabled.
  • DG0158: DBMS remote administration should be audited.
  • DG0159: Remote administrative access to the database should be monitored by the IAO or IAM.
  • DG0161: An automated tool that monitors audit data and immediately reports suspicious activity should be employed for the DBMS.
  • DG0167: Sensitive data served by the DBMS should be protected by encryption when transmitted across the network.
  • DG0171: The DBMS should not have a connection defined to access or be accessed by a DBMS at a different classification level.
  • DG0175: The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements.
  • DG0176: The DBMS audit logs should be included in backup operations.
  • DG0186: The database should not be directly accessible from public or unauthorized networks.
  • DG0194: Privileges assigned to developers on shared production/development hosts should be monitored every three months or more frequently.
  • DG0198: Remote administration of the DBMS should be restricted to known, dedicated and encrypted network addresses and ports.
  • DG7001: The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access.
  • DO0360: Connections by mid-tier web and application systems to the DBMS should be protected, encrypted and authenticated according to requirements.
  • DO0430: The Oracle Management Agent should be uninstalled if not required/authorized or is installed on a DB accessible from the Internet.
  • DO3630: Oracle listener authentication - 'LSNRCTL Security'
Miscellaneous
  • Metadata updated.
  • References updated.