STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017: STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:SV-24432r1_rule
V-15643
DBMS security data access
DG0140-ORACLE11
CAT II
10
Determine all locations for storage of DBMS security and configuration data. Enable auditing for access to any security data. If auditing results in an unacceptable adverse impact on application operation, reduce the amount of auditing to a reasonable and acceptable level. Document any incomplete audit with acceptance of the risk of incomplete audit in the System Security Plan.
Determine the locations of DBMS audit, configuration, credential and other security data. Review audit settings for these files or data objects.
If access to the security data is not audited, this is a Finding.
If no access is audited, consider the operational impact and appropriateness for access that is not audited.
If the risk for incomplete auditing of the security files is reasonable and documented in the System Security Plan, then do not include this as a Finding.
V-15643
False
DG0140-ORACLE11
Determine the locations of DBMS audit, configuration, credential and other security data. Review audit settings for these files or data objects.
If access to the security data is not audited, this is a Finding.
If no access is audited, consider the operational impact and appropriateness for access that is not audited.
If the risk for incomplete auditing of the security files is reasonable and documented in the System Security Plan, then do not include this as a Finding.
M
Database Administrator
1368