STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

DBMS software libraries should be periodically backed up.

DISA Rule

SV-24832r1_rule

Vulnerability Number

V-15121

Group Title

DBMS software file backups

Rule Version

DG0187-ORACLE11

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Configure backups to include all ORACLE home directories and subdirectories and any other Oracle application and third-party database application software libraries.

Check Contents

Review evidence of Oracle database and dependent application files and directories.

For UNIX Systems:

These files are found in the directories $ORACLE_BASE and $ORACLE_HOME.

For Windows Systems:

The Oracle software directory is specified on a Windows host in the registry value HKLM\SOFTWARE\Oracle\KEY_[ORACLE_HOME_NAME]\ORACLE_HOME.

Other Oracle software including, but not limited to Oracle tools and utilities, are usually found on Windows platforms in the C:\Program Files\Oracle directory and subdirectories.

Third-party applications may be located in other directory structures.

Review the System Security Plan for a list of all DBMS application software libraries to be included in software library backups.

If any software library files are not included in regular backups, this is a Finding.

DBMS software libraries should be periodically backed up.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments