Detections
Analytics

DISA STIG Oracle 11 Installation v8r20 Windows

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Oracle 11 Installation v8r20 Windows

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.10

Estimated Item Count: 114

File Details

Filename: DISA_Oracle_11g_Installation_v8r20_OS_Windows.audit

Size: 191 kB

MD5: 882ef79ecc9120b92cf9db029696abfb
SHA256: e6dd79f853bd2394e4c774deb8de3fdce67b7d4b83e4584736736e4e84fbb1af

Audit Items

DescriptionCategories
DG0001: Vendor supported software is evaluated and patched against newly found vulnerabilities.
DG0003: DBMS security patch level
DG0005: DBMS administration OS accounts - 'ORA_{SID}_DBA Group has no unauthorized users'

ACCESS CONTROL

DG0005: DBMS administration OS accounts - 'ORA_DBA Group has no unauthorized users'

ACCESS CONTROL

DG0005: DBMS administration OS accounts - 'Oracle DBA is only a member of ORA_DBA and Users group'

ACCESS CONTROL

DG0005: DBMS administration OS accounts - 'Oracle instance DBA is only a member of ORA_{SID}_DBA and Users group'

ACCESS CONTROL

DG0007: The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable.
DG0009: DBMS software library permissions - '%ORACLE_HOME% permissions are configured correctly'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

DG0010: DBMS software monitoring
DG0011: DBMS Configuration Management
DG0012: DBMS software storage location - 'ORACLE_BASE environment variable set'

CONFIGURATION MANAGEMENT

DG0012: DBMS software storage location - 'ORACLE_HOME environment variable set'

CONFIGURATION MANAGEMENT

DG0013: Database backup procedures should be defined, documented and implemented.
DG0016: DBMS unused components
DG0017: DBMS shared production/development use - 'All Oracle instances are documented and approved'

CONFIGURATION MANAGEMENT

DG0019: DBMS software ownership - 'Oracle base directory file permissions are correct'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

DG0019: DBMS software ownership - 'Oracle home directory file permissions are correct'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

DG0020: Backup and recovery procedures should be developed, documented, implemented and periodically tested.
DG0021: DBMS software and configuration baseline
DG0025: DBMS encryption compliance - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ora SQLNET.SSLFIPS_140 = TRUE'

SYSTEM AND COMMUNICATIONS PROTECTION

DG0025: DBMS encryption compliance - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ora SSL_CIPHER_SUITES set to valid cipher suite'

SYSTEM AND COMMUNICATIONS PROTECTION

DG0025: DBMS encryption compliance - 'Oracle Advanced Security is installed'
DG0040: DBMS software owner account access - 'Oracle base directory file permissions are correct'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

DG0040: DBMS software owner account access - 'Oracle home directory file permissions are correct'

ACCESS CONTROL, CONFIGURATION MANAGEMENT

DG0041: DBMS installation account use logging
DG0042: DBMS software installation account use
DG0050: DBMS software and configuration file monitoring
DG0052: All applications that access the database should be logged in the audit trail.
DG0053: DBMS client connection definition file
DG0054: The audit logs should be periodically monitored to discover DBMS access using unauthorized applications.
DG0063: DBMS privileges to restore database data or other configurations, features, or objects should be restricted to authorized accounts.
DG0064: DBMS backup and restoration files should be protected from unauthorized access.
DG0066: DBMS temporary password procedures
DG0067: DBMS account password storage
DG0068: DBMS application password display
DG0069: Procedures and restrictions for import of production data to development databases should be documented, implemented and followed.
DG0083: Automated notification of suspicious activity detected in the audit trail should be implemented.
DG0086: DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges.
DG0088: The DBMS should be periodically tested for vulnerability management and IA compliance.
DG0090: Sensitive information stored in the database should be protected by encryption.
DG0092: Database data files containing sensitive information should be encrypted.
DG0093: Remote administrative connection encryption - '%ORACLE_HOME%\ldap\admin\fips.ora SSLFIPS_140 = TRUE'

SYSTEM AND COMMUNICATIONS PROTECTION

DG0093: Remote administrative connection encryption - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora - all protocols use TCPS'

ACCESS CONTROL

DG0095: DBMS audit trail data review
DG0096: The DBMS IA policies and procedures should be reviewed annually or more frequently.
DG0097: Plans/procedures for testing DBMS installs, upgrades and patches should be defined and followed prior to production implementation.
DG0099: DBMS access to external local executables - '%ORACLE_HOME%\bin\extproc.exe does not exist'

CONFIGURATION MANAGEMENT

DG0099: DBMS access to external local executables - '%ORACLE_HOME%\hs\admin\extproc.ora SET EXTPROC_DLLS = ONLY'

CONFIGURATION MANAGEMENT

DG0099: DBMS access to external local executables - '%ORACLE_HOME%\hs\admin\extproc.ora SET EXTPROC_DLLS contains only valid paths'

CONFIGURATION MANAGEMENT

DG0099: DBMS access to external local executables - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora - no PROGRAMS = EXTPROC'

CONFIGURATION MANAGEMENT