Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3806 | DG0021-ORACLE11 | SV-24610r1_rule | Medium |
Description |
---|
Without maintenance of a baseline of current DBMS application software, monitoring for changes cannot be complete and unauthorized changes to the software can go undetected. Changes to the DBMS executables could be the result of intentional or unintentional actions. |
STIG | Date |
---|---|
Oracle Database 11g Installation STIG | 2017-06-29 |
Check Text ( C-29111r1_chk ) |
---|
Review DBMS software baseline procedures and implementation evidence. Review the list of files, directories and details included in the current baseline for completeness. If DBMS software configuration baseline procedures do not exist, evidence of implementation does not exist, or baseline is not documented and current, this is a Finding. |
Fix Text (F-26114r1_fix) |
---|
Develop, document and implement DBMS software baseline procedures that include all DBMS software files and directories under the ORACLE_BASE and ORACLE_HOME environment variables and any custom and platform-specific directories. Generate a list of files, directories and details for the DBMS software configuration baseline. Update the configuration baseline after new installations, upgrades/updates or maintenance activities that include changes to the baseline software. |