STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The DBMS must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

DISA Rule

SV-219794r395859_rule

Vulnerability Number

V-219794

Group Title

SRG-APP-000148-DB-000103

Rule Version

O112-P2-012800

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Configure DBMS, OS and/or enterprise-level authentication/access mechanism to uniquely identify and authenticate all organizational users who log onto the system. Ensure that each user has a separate account from all other users.

(This is the default behavior of Oracle.)

Check Contents

Review DBMS settings, OS settings, and/or enterprise-level authentication/access mechanism settings, and site practices, to determine whether organizational users are uniquely identified and authenticated when logging onto the system. If organizational users are not uniquely identified and authenticated, this is a finding.

Vulnerability Number

V-219794

Documentable

False

Rule Version

O112-P2-012800

Severity Override Guidance

Review DBMS settings, OS settings, and/or enterprise-level authentication/access mechanism settings, and site practices, to determine whether organizational users are uniquely identified and authenticated when logging onto the system. If organizational users are not uniquely identified and authenticated, this is a finding.

Check Content Reference

M

Target Key

4057

Comments