UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

All use of privileged accounts must be audited.


Overview

Finding ID Version Rule ID IA Controls Severity
V-61595 O121-C2-004200 SV-76085r1_rule Medium
Description
This is intended to limit exposure, by making it possible to trace any unauthorized access, by a privileged user account or role that has permissions on security functions or security-relevant information, to other data or functionality.
STIG Date
Oracle Database 12c Security Technical Implementation Guide 2015-12-21

Details

Check Text ( C-62467r1_chk )
Review auditing configuration. If it is possible for a privileged user/role to access non-security functions or information without having the action recorded in the audit log, this is a finding.
Fix Text (F-67511r1_fix)
Configure DBMS auditing so that all use of privileged accounts is recorded in the audit log.