The DBMS must initiate session auditing upon startup of the database.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32365 | SRG-APP-000092-DB-000208 | SV-42702r1_rule | Medium |
| Description |
|---|
| Session auditing activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, or regulations. Typically, auditing is limited to specific user actions or security events. Session auditing can record every user action of a specific user or group of users. If session auditing is not available it could impede legal investigations into malicious use or compromise of the database. |
| STIG | Date |
|---|---|
| Database Security Requirements Guide | 2012-07-02 |
Details
| Check Text ( C-40807r2_chk ) |
|---|
| Review DBMS vendor documentation to determine whether the DBMS software is capable of session auditing. Review the DBMS settings to determine whether session auditing is enabled. If the DBMS is not capable of session auditing and a third party product is not being used for session level auditing, this is a finding. If the DBMS is capable of session level auditing but session auditing is not enabled, or if a third party product is available for session auditing but is not enabled, this is a finding. |
| Fix Text (F-36280r2_fix) |
|---|
| Utilize DBMS software or a third party product that supports session auditing. Configure the DBMS software or third party product to enable session auditing. |