DG0070-ORACLE11 - Unauthorized user accounts should not exist.

Information

Unauthorized user accounts provide unauthorized access to the database and may allow access to database objects. Only authorized users should be granted database accounts.

Solution

Develop, document and implement procedures for authorizing creation, changes and deletions of user accounts.

Monitor user accounts to verify that they remain authorized.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-2, CAT|II, Rule-ID|SV-24647r1_rule, STIG-ID|DG0070-ORACLE11, Vuln-ID|V-2508

Plugin: OracleDB

Control ID: 017b37d19d0debb7b402fd3ddbda84fcbeaabe04fbca108801699bcedc3b9956