STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The DBMS must employ strong identification and authentication techniques when establishing non-local maintenance and diagnostic sessions.

DISA Rule

SV-238472r667590_rule

Vulnerability Number

V-238472

Group Title

SRG-APP-000516-DB-000363

Rule Version

O112-C2-016100

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure DBMS settings to use strong identification and authentication techniques for non-local maintenance and diagnostic sessions.

Check Contents

Review DBMS settings to determine whether strong identification and authentication techniques are required for non-local maintenance and diagnostic sessions. If strong identification and authentication techniques are not required, this is a finding.

Vulnerability Number

V-238472

Documentable

False

Rule Version

O112-C2-016100

Severity Override Guidance

Review DBMS settings to determine whether strong identification and authentication techniques are required for non-local maintenance and diagnostic sessions. If strong identification and authentication techniques are not required, this is a finding.

Check Content Reference

M

Target Key

4057

Comments