Aug 26, 2024 Miscellaneous- Audit deprecated.
- Metadata updated.
- References updated.
|
Jun 17, 2024 |
May 17, 2024 Added- O112-BP-021400 - Fixed user and public database links must be authorized for use.
- O112-BP-021600 - A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device.
- O112-BP-023100 - Database job/batch queues must be reviewed regularly to detect unauthorized database job submissions.
- O112-BP-023600 - Only authorized system accounts must have the SYSTEM tablespace specified as the default tablespace.
- O112-BP-024000 - Application object owner accounts must be disabled when not performing installation or maintenance actions.
- O112-C2-001900 - The DBMS must provide a mechanism to automatically identify accounts designated as temporary or emergency accounts.
- O112-C2-002700 - The DBMS must enforce approved authorizations for logical access to the system in accordance with applicable policy.
- O112-C2-009300 - The DBMS must protect audit information from any type of unauthorized access.
- O112-C2-009400 - The DBMS must protect audit information from unauthorized modification.
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed.
- O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations.
- O112-C2-017600 - The DBMS must terminate user sessions upon user logout or any other organization or policy-defined session termination events, such as idle time limit exceeded.
- O112-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data.
Removed- O112-BP-021400 - Fixed user and public database links must be authorized for use - 'DB Links'
- O112-BP-021400 - Fixed user and public database links must be authorized for use - 'repcatlog count = 0'
- O112-BP-021600 - A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device - V$LOG count
- O112-BP-021600 - A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device - V$LOG members count
- O112-BP-023100 - Database job/batch queues must be reviewed regularly to detect unauthorized database job submissions - MAX_JOB_SLAVE_PROCESSES
- O112-BP-023100 - Database job/batch queues must be reviewed regularly to detect unauthorized database job submissions - job_queue_processes
- O112-BP-023600 - Only authorized system accounts must have the SYSTEM tablespace specified as the default tablespace - default tablespace
- O112-BP-023600 - Only authorized system accounts must have the SYSTEM tablespace specified as the default tablespace - non-default account records
- O112-BP-024000 - Application object owner accounts must be disabled when not performing installation or maintenance actions - dba roles
- O112-BP-024000 - Application object owner accounts must be disabled when not performing installation or maintenance actions - locked roles
- O112-C2-001900 - The DBMS must provide a mechanism to automatically identify accounts designated as temporary or emergency accounts - Profile list
- O112-C2-001900 - The DBMS must provide a mechanism to automatically identify accounts designated as temporary or emergency accounts - User Profile assignment
- O112-C2-001900 - The DBMS must provide a mechanism to automatically identify accounts designated as temporary or emergency accounts - User not assigned the default
- O112-C2-002700 - The DBMS must enforce approved authorizations for logical access to the system in accordance with applicable policy - Role Table SELECT
- O112-C2-002700 - The DBMS must enforce approved authorizations for logical access to the system in accordance with applicable policy - Role assignments to users
- O112-C2-002700 - The DBMS must enforce approved authorizations for logical access to the system in accordance with applicable policy - User Table SELECT
- O112-C2-002700 - The DBMS must enforce approved authorizations for logical access to the system in accordance with applicable policy - User role listing
- O112-C2-009300 - The DBMS must protect audit information from any type of unauthorized access - 'DBA_COL_PRIVS'
- O112-C2-009300 - The DBMS must protect audit information from any type of unauthorized access - 'DBA_TAB_PRIVS'
- O112-C2-009400 - The DBMS must protect audit information from unauthorized modification - 'DBA_COL_PRIVS'
- O112-C2-009400 - The DBMS must protect audit information from unauthorized modification - 'DBA_TAB_PRIVS'
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed - 'BI User'
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed - 'HR User'
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed - 'IX User'
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed - 'OE User'
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed - 'PM User'
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed - 'SCOTT User'
- O112-C2-011500 - Default demonstration and sample databases, database objects, and applications must be removed - 'SH User'
- O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations - PASSWORD_REUSE_MAX >= 5
- O112-C2-014000 - The DBMS must support organizational requirements to prohibit password reuse for the organization-defined number of generations - PASSWORD_REUSE_TIME >= 5
- O112-C2-017600 - The DBMS must terminate user sessions upon user logout or any other organization or policy-defined session termination events, such as idle time limit exceeded - CONNECT_TIME
- O112-C2-017600 - The DBMS must terminate user sessions upon user logout or any other organization or policy-defined session termination events, such as idle time limit exceeded - IDLE_TIME
- O112-C2-017600 - The DBMS must terminate user sessions upon user logout or any other organization or policy-defined session termination events, such as idle time limit exceeded - SESSIONS_PER_USER
- O112-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data - encrypted columns
- O112-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data - encrypted tablespace
- O112-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data - tablespace encryption algorithm
|
