6.1.9 Ensure the 'DIRECTORY' Audit Option Is Enabled

Information

The DIRECTORY object allows for the creation of a directory object that specifies an alias for a directory on the server file system, where the external binary file LOBs ( BFILEs )/ table data are located. Enabling this audit option causes all user activities involving the creation or dropping of a directory alias to be audited.

As the logging of user activities involving the creation or dropping of a DIRECTORY can provide forensic evidence about a pattern of unauthorized activities, the audit capability should be enabled.

Solution

To remediate this setting, execute the following SQL statement in either the non multi-tenant or container database, it does NOT need run in the pluggable.

AUDIT DIRECTORY;

See Also

https://workbench.cisecurity.org/benchmarks/11760