STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:SV-219697r401224_rule
V-219697
SRG-APP-000516-DB-000363
O112-BP-021400
CAT II
10
Document all authorized connections from the database to remote databases in the System Security Plan.
Remove all unauthorized remote database connection definitions from the database.
From SQL*Plus:
drop database link [link name];
OR
drop public database link [link name];
Review remote database connection definitions periodically and confirm their use is still required and authorized.
From SQL*Plus:
select owner||': '||db_link from dba_db_links;
select count(*) from sys.dba_repcatlog;
If no records are returned from the first SQL statement, this check is Not a Finding.
If the value of the count returned is 0 for the second SQL statement, none of the database links listed above, if any, is used for replication.
Confirm the public and fixed user database links listed are documented in the System Security Plan, are authorized by the IAO and are used for replication or operational system requirements.
If any are not, this is a Finding.
V-219697
False
O112-BP-021400
From SQL*Plus:
select owner||': '||db_link from dba_db_links;
select count(*) from sys.dba_repcatlog;
If no records are returned from the first SQL statement, this check is Not a Finding.
If the value of the count returned is 0 for the second SQL statement, none of the database links listed above, if any, is used for replication.
Confirm the public and fixed user database links listed are documented in the System Security Plan, are authorized by the IAO and are used for replication or operational system requirements.
If any are not, this is a Finding.
M
4057