DG0031-ORACLE11 - Transaction logs should be periodically reviewed for unauthorized modification of data.

Information

Unauthorized or malicious changes to data compromise the integrity and usefulness of the data. Auditing changes to data supports accountability and non-repudiation. Auditing changes to data may be provided by the application accessing the DBMS or may depend upon the DBMS auditing functions. When DBMS auditing is used, the DBA is responsible for ensuring the auditing configuration meets the application design requirements.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure database data auditing to comply with the requirements of the application.

Document auditing requirements in the System Security Plan.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-28970r1_rule, STIG-ID|DG0031-ORACLE11, Vuln-ID|V-15133

Plugin: OracleDB

Control ID: 4df80de00718e69861fb6c89361cae89ceb58add220e0586d1fc5e6d6102de10