STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017: STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:SV-24963r1_rule
V-16056
Oracle Configuration Manager
DO6754-ORACLE11
CAT II
10
Remove Oracle Configuration Manager.
Details for removal are provided in Oracle MetaLink Note 369111.1 or in MetaLink Note 728989.1 for a link to the OCM Installation and Administration Guide.
NOTE: The collection does not include application or custom data within the database. If released to unauthorized persons, system configuration data may be used by malicious persons to gain additional unauthorized access to the database or other systems.
On UNIX Systems:
ls $ORACLE_HOME/ccr
On Windows Systems (From Windows Explorer):
Browse to the %ORACLE_HOME% directory.
If the directory ORACLE_HOME\ccr does not exist, this is not a Finding.
If the ccr directory exists, confirm if any of the Oracle databases have been configured for OCM:
From SQL*Plus:
select username from dba_users where username = 'ORACLE_OCM';
If the account exists, OCM has been installed (on this database) and is a Finding.
V-16056
False
DO6754-ORACLE11
NOTE: The collection does not include application or custom data within the database. If released to unauthorized persons, system configuration data may be used by malicious persons to gain additional unauthorized access to the database or other systems.
On UNIX Systems:
ls $ORACLE_HOME/ccr
On Windows Systems (From Windows Explorer):
Browse to the %ORACLE_HOME% directory.
If the directory ORACLE_HOME\ccr does not exist, this is not a Finding.
If the ccr directory exists, confirm if any of the Oracle databases have been configured for OCM:
From SQL*Plus:
select username from dba_users where username = 'ORACLE_OCM';
If the account exists, OCM has been installed (on this database) and is a Finding.
M
Database Administrator
1368