STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:SV-219695r401224_rule
V-219695
SRG-APP-000516-DB-000363
O112-BP-021200
CAT II
10
Change the password for default and custom replication accounts and provide the password to IAO-authorized users only.
From SQL*Plus:
select 'The number of replication objects defined is: '||
count(*) from all_tables
where table_name like 'REPCAT%';
If the count returned is 0, then Oracle Replication is not installed and this check is Not a Finding.
Otherwise:
From SQL*Plus:
select count(*) from sys.dba_repcatlog;
If the count returned is 0, then Oracle Replication is not in use and this check is Not a Finding.
If any results are returned, ask the IAO or DBA if the replication account (the default is REPADMIN, but may be customized) is restricted to IAO-authorized personnel only.
If it is not, this is a Finding.
If there are multiple replication accounts, confirm that all are justified and documented with the IAO.
If they are not, this is a Finding.
V-219695
False
O112-BP-021200
From SQL*Plus:
select 'The number of replication objects defined is: '||
count(*) from all_tables
where table_name like 'REPCAT%';
If the count returned is 0, then Oracle Replication is not installed and this check is Not a Finding.
Otherwise:
From SQL*Plus:
select count(*) from sys.dba_repcatlog;
If the count returned is 0, then Oracle Replication is not in use and this check is Not a Finding.
If any results are returned, ask the IAO or DBA if the replication account (the default is REPADMIN, but may be customized) is restricted to IAO-authorized personnel only.
If it is not, this is a Finding.
If there are multiple replication accounts, confirm that all are justified and documented with the IAO.
If they are not, this is a Finding.
M
4057