SV-219748r395442_rule
V-219748
SRG-APP-000001-DB-000031
O112-C2-000100
CAT II
10
Limit concurrent connections for each system account to a number less than or equal to the organization-defined number of sessions using the following SQL. Create profiles that conform to the DoD requirements. Assign users to the appropriate profile.
Change the value of SESSIONS_PER_USER (along with the other parameters, where relevant) from UNLIMITED to values that meet DoD-compliant, site-specific requirements, and then assign users to the profile (the name PPPPPP is an example; use a name appropriate to your circumstance):
CREATE PROFILE "PPPPPP" LIMIT
  CPU_PER_SESSION UNLIMITED
  CPU_PER_CALL UNLIMITED
  CONNECT_TIME UNLIMITED
  IDLE_TIME UNLIMITED
  SESSIONS_PER_USER UNLIMITED  -- replace UNLIMITED with the organization-defined session limit
  LOGICAL_READS_PER_SESSION UNLIMITED
  LOGICAL_READS_PER_CALL UNLIMITED
  PRIVATE_SGA UNLIMITED
  COMPOSITE_LIMIT UNLIMITED
  PASSWORD_LIFE_TIME 180
  PASSWORD_GRACE_TIME 7
  PASSWORD_REUSE_MAX UNLIMITED
  PASSWORD_REUSE_TIME UNLIMITED
  PASSWORD_LOCK_TIME 1
  FAILED_LOGIN_ATTEMPTS 10
  PASSWORD_VERIFY_FUNCTION NULL;
To assign a user to the profile, do the following:
ALTER USER user1 PROFILE PPPPPP;
Retrieve the settings for concurrent sessions for each profile with the query:
SELECT * FROM SYS.DBA_PROFILES WHERE RESOURCE_NAME = 'SESSIONS_PER_USER';
If the DBMS settings for concurrent sessions for each profile are greater than the organizationally defined maximum number of sessions, this is a finding.
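The check query lists limits per profile, where a value of DEFAULT means the limit is inherited from the DEFAULT profile. The following added example (not part of the STIG text) resolves that inheritance and reports the effective SESSIONS_PER_USER for every account; the maximum of 10 is a placeholder assumption for the organization-defined value, and the first statement confirms that resource limits are enforced at all.

```sql
-- Added example; not part of the STIG check or fix text.

-- Kernel resource limits in a profile (including SESSIONS_PER_USER) are
-- enforced only when the RESOURCE_LIMIT initialization parameter is TRUE.
SELECT name, value
  FROM v$parameter
 WHERE name = 'resource_limit';

-- Effective SESSIONS_PER_USER per account, with DEFAULT resolved against
-- the DEFAULT profile, compared to the organization-defined maximum.
WITH org AS (
  -- Placeholder (assumption): substitute the organization-defined maximum.
  SELECT 10 AS max_sessions FROM dual
),
prof AS (
  SELECT p.profile,
         CASE p.limit
           WHEN 'DEFAULT' THEN d.limit   -- inherited from the DEFAULT profile
           ELSE p.limit
         END AS effective_limit
    FROM sys.dba_profiles p
    JOIN sys.dba_profiles d
      ON d.profile = 'DEFAULT'
     AND d.resource_name = p.resource_name
   WHERE p.resource_name = 'SESSIONS_PER_USER'
)
SELECT u.username,
       u.account_status,
       u.profile,
       prof.effective_limit,
       CASE
         -- Tested first so TO_NUMBER never sees the string 'UNLIMITED'.
         WHEN prof.effective_limit = 'UNLIMITED' THEN 'FINDING'
         WHEN TO_NUMBER(prof.effective_limit) > org.max_sessions THEN 'FINDING'
         ELSE 'OK'
       END AS status
  FROM sys.dba_users u
  JOIN prof ON prof.profile = u.profile
 CROSS JOIN org
 ORDER BY status, u.username;   -- 'FINDING' rows sort before 'OK'
```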