Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-61595 | O121-C2-004200 | SV-76085r2_rule | | Medium |
Description |
---|
This is intended to limit exposure, by making it possible to trace any unauthorized access, by a privileged user account or role that has permissions on security functions or security-relevant information, to other data or functionality. |
STIG | Date |
---|---|
Oracle Database 12c Security Technical Implementation Guide | 2018-01-03 |
Check Text (C-62467r3_chk) |
---|
Review auditing configuration. If it is possible for a privileged user/role to access non-security functions or information without having the action recorded in the audit log, this is a finding. To obtain a list of unified auditing policies that have been defined, run the query: SELECT unique policy_name from AUDIT_UNIFIED_POLICIES; To obtain a list of unified auditing policies that have been enabled and the users for which they have been enabled, run the query: SELECT unique policy_name, user_name from AUDIT_UNIFIED_ENABLED_POLICIES; Unless otherwise required, verify that user_name is set to 'ALL USERS' to ensure that the activity of administrative users is being logged. |
Fix Text (F-67511r1_fix) |
---|
Configure DBMS auditing so that all use of privileged accounts is recorded in the audit log. |
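
The two Check Text queries combined into one coverage report, as an added example that is not part of the STIG text. It uses only the two views named in the check; the CTE names and the `coverage` column are labels chosen for this example.

```sql
-- Added example, not part of the STIG: one row per defined unified audit
-- policy and enablement, so policies that are defined but not enabled,
-- or enabled for something other than ALL USERS, stand out for review.
WITH defined AS (
    -- Every unified audit policy that exists in the database.
    SELECT DISTINCT policy_name
    FROM   audit_unified_policies
),
enabled AS (
    -- Every policy/user pair that is currently enabled.
    -- ENABLED_OPT is 'BY' or 'EXCEPT'; SUCCESS and FAILURE are 'YES' or 'NO'.
    SELECT policy_name, user_name, enabled_opt, success, failure
    FROM   audit_unified_enabled_policies
)
SELECT d.policy_name,
       e.user_name,
       e.enabled_opt,
       e.success,
       e.failure,
       CASE
           WHEN e.policy_name IS NULL     THEN 'NOT ENABLED'
           WHEN e.user_name = 'ALL USERS' THEN 'ALL USERS'
           WHEN e.enabled_opt = 'EXCEPT'  THEN 'REVIEW: user excluded'
           ELSE                                'REVIEW: limited to named user'
       END AS coverage
FROM   defined d
LEFT JOIN enabled e
       ON e.policy_name = d.policy_name
-- Rows needing review sort first; ALL USERS rows sort last.
ORDER  BY CASE WHEN e.user_name = 'ALL USERS' THEN 1 ELSE 0 END,
          d.policy_name,
          e.user_name;
```

Any row whose `coverage` is not 'ALL USERS' is one to justify against the "unless otherwise required" clause of the check, paying particular attention to rows where the named or excluded user is an administrative account.
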