UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

An automated tool that monitors audit data and immediately reports suspicious activity should be employed for the DBMS.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15103 DG0161-ORACLE11 SV-24815r1_rule ECAT-2 Medium
Description
Audit logs only capture information on suspicious events. Without an automated monitoring and alerting tool, malicious activity may go undetected and without response until compromise of the database or data is severe.
STIG Date
Oracle Database 11g Installation STIG 2015-06-23

Details

Check Text ( C-29379r1_chk )
Review evidence or operation of an automated, continuous on-line monitoring and audit trail creation capability for the DBMS is deployed with the capability to immediately alert personnel of any unusual or inappropriate activity with potential IA implications, and with a user-configurable capability to automatically disable the system if serious IA violations are detected.

If the requirements listed above are not fully met, this is a Finding.
Fix Text (F-26404r1_fix)
Develop or procure, document and implement an automated, continuous on-line monitoring and audit trail creation capability for the DBMS is deployed with the capability to immediately alert personnel of any unusual or inappropriate activity with potential IA implications, and with a user-configurable capability to automatically disable the system if serious IA violations are detected.