UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The database should be secured in accordance with DoD guidance where applicable.


Overview

Finding ID Version Rule ID IA Controls Severity
V-6767 DG0007-ORACLE11 SV-25032r1_rule DCCS-1 DCCS-2 Medium
Description
DBMS systems that do not follow DoD security guidance are vulnerable to related published vulnerabilities. A DoD reference document such as a security technical implementation guide or security recommendation guide constitutes the primary source for security configuration or implementation guidance for the deployment of newly acquired IA- and IA-enabled IT products that require use of the product's IA capabilities.
STIG Date
Oracle 11 Database Installation STIG 2014-01-14

Details

Check Text ( C-1048r1_chk )
Review security and administration documentation maintained for the DBMS system for indications that DoD security guidance has been applied to the DBMS system.

If the DBMS system has not been secured using available DoD security guidance, this is a Finding.
Fix Text (F-17962r1_fix)
Apply available DoD security guidance to the DBMS system.

If DoD security guidance is not available, the system owner works with DISA or NSA to draft configuration guidance for inclusion in a departmental reference guide.