UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

A baseline of database application software should be documented and maintained.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3806 DG0021-ORACLE11 SV-24610r1_rule DCSW-1 Medium
Description
Without maintenance of a baseline of current DBMS application software, monitoring for changes cannot be complete and unauthorized changes to the software can go undetected. Changes to the DBMS executables could be the result of intentional or unintentional actions.
STIG Date
Oracle Database 11g Installation STIG 2014-04-02

Details

Check Text ( C-29111r1_chk )
Review DBMS software baseline procedures and implementation evidence.

Review the list of files, directories and details included in the current baseline for completeness.

If DBMS software configuration baseline procedures do not exist, evidence of implementation does not exist, or baseline is not documented and current, this is a Finding.
Fix Text (F-26114r1_fix)
Develop, document and implement DBMS software baseline procedures that include all DBMS software files and directories under the ORACLE_BASE and ORACLE_HOME environment variables and any custom and platform-specific directories.

Generate a list of files, directories and details for the DBMS software configuration baseline.

Update the configuration baseline after new installations, upgrades/updates or maintenance activities that include changes to the baseline software.