STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

Audit trail data should be reviewed daily or more frequently.

DISA Rule

SV-24405r1_rule

Vulnerability Number

V-3827

Group Title

DBMS audit trail data review

Rule Version

DG0095-ORACLE11

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Develop, document and implement policy and procedures to monitor audit trail data daily.

Check Contents

If the database being reviewed is not a production database, this check is Not a Finding.

Review policy and procedures documented or noted in the System Security plan as well as evidence of implementation for daily audit trail monitoring.

If policy and procedures are not documented or evidence of implementation is not available, this is a Finding.

Vulnerability Number

V-3827

Documentable

False

Rule Version

DG0095-ORACLE11

Severity Override Guidance

If the database being reviewed is not a production database, this check is Not a Finding.

Review policy and procedures documented or noted in the System Security plan as well as evidence of implementation for daily audit trail monitoring.

If policy and procedures are not documented or evidence of implementation is not available, this is a Finding.

Check Content Reference

I

Responsibility

Information Assurance Officer

Target Key

1368

Comments