Detections
Analytics

DISA STIG Oracle JRE 8 Windows v1r5

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Oracle JRE 8 Windows v1r5

Updated: 10/5/2021

Authority: DISA STIG

Plugin: Windows

Revision: 1.8

Estimated Item Count: 26

File Details

Filename: DISA_STIG_JRE_8_Windows_v1r5.audit

Size: 46.7 kB

MD5: 7ad78488384b3302f8062cf22a7dece6
SHA256: 64501fbd32f2cc98d4b3358922397ae61db1a4d4e1e257ed2bee4bc6e21bb6c6

Audit Items

DescriptionCategories
JRE8-WN-000010 - Oracle JRE 8 must have a deployment.config file present.

CONFIGURATION MANAGEMENT

JRE8-WN-000020 - Oracle JRE 8 deployment.config file must contain proper keys and values - deployment.system.config

CONFIGURATION MANAGEMENT

JRE8-WN-000020 - Oracle JRE 8 deployment.config file must contain proper keys and values - deployment.system.config.mandatory

CONFIGURATION MANAGEMENT

JRE8-WN-000030 - Oracle JRE 8 must have a deployment.properties file present.

CONFIGURATION MANAGEMENT

JRE8-WN-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level

SYSTEM AND INFORMATION INTEGRITY

JRE8-WN-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level.locked

SYSTEM AND INFORMATION INTEGRITY

JRE8-WN-000070 - Oracle JRE 8 must be set to allow Java Web Start (JWS) applications - deployment.webjava.enabled

CONFIGURATION MANAGEMENT

JRE8-WN-000070 - Oracle JRE 8 must be set to allow Java Web Start (JWS) applications - deployment.webjava.enabled.locked

CONFIGURATION MANAGEMENT

JRE8-WN-000080 - JRE 8 must disable the dialog enabling users to execute signed content - deployment.security.askgrantdialog.notinca

ACCESS CONTROL

JRE8-WN-000080 - JRE 8 must disable the dialog enabling users to execute signed content - deployment.security.askgrantdialog.notinca.locked

ACCESS CONTROL

JRE8-WN-000090 - JRE 8 must lock the dialog enabling users to execute signed content - deployment.security.askgrantdialog.show

ACCESS CONTROL

JRE8-WN-000090 - JRE 8 must lock the dialog enabling users to execute signed content - deployment.security.askgrantdialog.show.locked

ACCESS CONTROL

JRE8-WN-000100 - Oracle JRE 8 must set the option to enable online cert validation - deployment.security.validation.ocsp.locked

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000100 - Oracle JRE 8 must set the option to enable online certificate validation - deployment.security.validation.ocsp

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-WN-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check.locked

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-WN-000120 - Oracle JRE 8 must enable the option to use an accepted sites list.

CONFIGURATION MANAGEMENT

JRE8-WN-000130 - Oracle JRE 8 must have an exception.sites file present.

CONFIGURATION MANAGEMENT

JRE8-WN-000150 - JRE 8 must enable the dialog to check publisher certs for revocation - deployment.security.validation.crl.locked

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000150 - JRE 8 must enable the dialog to enable users to check publisher certs for revocation - deployment.security.validation.crl

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000160 - JRE 8 must lock the option to check publisher certs for revocation - eployment.security.revocation.check.locked

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-WN-000160 - JRE 8 must lock the option to enable users to check publisher certs for revocation - deployment.security.revocation.check

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-WN-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-WN-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres.locked

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-WN-000180 - The version of Oracle JRE 8 running on the system must be the most current available.
JRE8-WN-000190 - Oracle JRE 8 must remove previous versions when the latest version is installed.