STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:SV-237741r667255_rule
V-237741
SRG-APP-000516-DB-000363
O121-C2-018600
CAT II
10
Create a profile specifically for emergency or temporary accounts. When creating the accounts, assign them to this profile. Configure DBMS, OS, and/or enterprise-level authentication/access mechanisms, or implement custom code, to terminate accounts with this profile after an organization-defined time period.
If the organization has a policy, consistently enforced, forbidding the creation of emergency or temporary accounts, this is not a finding.
Check DBMS settings, OS settings, and/or enterprise-level authentication/access mechanisms settings to determine if emergency accounts are being automatically terminated by the system after an organization-defined time period. Check also for custom code (scheduled jobs, procedures, triggers, etc.) for achieving this.
If emergency accounts are not being terminated after an organization-defined time period, this is a finding.
V-237741
False
O121-C2-018600
If the organization has a policy, consistently enforced, forbidding the creation of emergency or temporary accounts, this is not a finding.
Check DBMS settings, OS settings, and/or enterprise-level authentication/access mechanisms settings to determine if emergency accounts are being automatically terminated by the system after an organization-defined time period. Check also for custom code (scheduled jobs, procedures, triggers, etc.) for achieving this.
If emergency accounts are not being terminated after an organization-defined time period, this is a finding.
M
4059