Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-54051 | O112-BP-025800 | SV-68291r1_rule | Medium |
Description |
---|
The AUDIT_SYS_OPERATIONS parameter is used to enable auditing of actions taken by the user SYS. The SYS user account is a shared account by definition and holds all privileges in the Oracle database. It is the account accessed by users connecting to the database with SYSDBA or SYSOPER privileges. |
STIG | Date |
---|---|
Oracle Database 11.2g Security Technical Implementation Guide | 2016-12-15 |
Check Text ( C-54845r1_chk ) |
---|
From SQL*Plus: select value from v$parameter where name = 'audit_sys_operations'; If the value returned is FALSE, this is a Finding. |
Fix Text (F-58893r1_fix) |
---|
From SQL*Plus: alter system set audit_sys_operations = TRUE scope = spfile; The above SQL*Plus command will set the parameter to take effect at next system startup. |