STIGQter: STIG Summary: Oracle Database 11g Instance STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017: STIGQter: STIG Summary: Oracle Database 11g Instance STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:SV-24862r1_rule
V-2516
Oracle shared replication account access
DO0210-ORACLE11
CAT II
10
Change the password for default and custom replication accounts and provide the password to IAO-authorized users only.
From SQL*Plus:
select 'The number of replication objects defined is: '||
count(*) from all_tables
where table_name like 'REPCAT%';
If the count returned is 0, then Oracle Replication is not installed and this check is Not a Finding.
Otherwise:
From SQL*Plus:
select count(*) from sys.dba_repcatlog;
If the count returned is 0, then Oracle Replication is not in use and this check is Not a Finding.
If any results are returned, ask the IAO or DBA if the replication account (the default is REPADMIN, but may be customized) is restricted to IAO-authorized personnel only.
If it is not, this is a Finding.
If there are multiple replication accounts, confirm that all are justified and documented with the IAO.
If they are not, this is a Finding.
V-2516
False
DO0210-ORACLE11
From SQL*Plus:
select 'The number of replication objects defined is: '||
count(*) from all_tables
where table_name like 'REPCAT%';
If the count returned is 0, then Oracle Replication is not installed and this check is Not a Finding.
Otherwise:
From SQL*Plus:
select count(*) from sys.dba_repcatlog;
If the count returned is 0, then Oracle Replication is not in use and this check is Not a Finding.
If any results are returned, ask the IAO or DBA if the replication account (the default is REPADMIN, but may be customized) is restricted to IAO-authorized personnel only.
If it is not, this is a Finding.
If there are multiple replication accounts, confirm that all are justified and documented with the IAO.
If they are not, this is a Finding.
M
Information Assurance Officer
1367