Access to DBMS security data should be audited.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15643 | DG0140-ORACLE10 | SV-24431r1_rule | ECAR-1 ECAR-2 ECAR-3 | Medium |
| Description |
|---|
| DBMS security data is useful to malicious users to perpetrate activities that compromise DBMS operations or data integrity. Auditing of access to this data supports forensic and accountability investigations. |
| STIG | Date |
|---|---|
| Oracle Database 10g Installation STIG | 2014-04-02 |
Details
| Check Text ( C-17015r1_chk ) |
|---|
| Determine the locations of DBMS audit, configuration, credential and other security data. Review audit settings for these files or data objects. If access to the security data is not audited, this is a Finding. If no access is audited, consider the operational impact and appropriateness for access that is not audited. If the risk for incomplete auditing of the security files is reasonable and documented in the System Security Plan, then do not include this as a Finding. |
| Fix Text (F-23925r1_fix) |
|---|
| Determine all locations for storage of DBMS security and configuration data. Enable auditing for access to any security data. If auditing results in an unacceptable adverse impact on application operation, reduce the amount of auditing to a reasonable and acceptable level. Document any incomplete audit with acceptance of the risk of incomplete audit in the System Security Plan. |