STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017: STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:SV-24626r1_rule
V-3807
DBMS software access audit
DG0052-ORACLE11
CAT II
10
Modify auditing to ensure audit records include identification of applications used to access the DBMS.
Ensure auditing captures the name [or unique identifier] of applications accessing the DBMS at a minimum.
Develop or procure a 3rd-party solution where native DBMS logging is not employed or does not capture required information.
Review the DBMS audit trail to determine if the names [or unique identifiers] of applications used to connect to the database are included.
If an alternate method other than DBMS logging is authorized and implemented, review the audit trail to determine if the names [or unique identifiers] of applications used to connect to the database are included.
If application access to the DBMS is not being audited, this is a Finding.
If auditing does not capture the name [or unique identifier] of applications accessing the DBMS at a minimum, this is a Finding.
V-3807
False
DG0052-ORACLE11
Review the DBMS audit trail to determine if the names [or unique identifiers] of applications used to connect to the database are included.
If an alternate method other than DBMS logging is authorized and implemented, review the audit trail to determine if the names [or unique identifiers] of applications used to connect to the database are included.
If application access to the DBMS is not being audited, this is a Finding.
If auditing does not capture the name [or unique identifier] of applications accessing the DBMS at a minimum, this is a Finding.
M
Database Administrator
1368