STIGQter STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Changes to configuration options must be audited.

DISA Rule

SV-219868r401224_rule

Vulnerability Number

V-219868

Group Title

SRG-APP-000516-DB-000363

Rule Version

O121-BP-025800

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

From SQL*Plus:

alter system set audit_sys_operations = TRUE scope = spfile;

The above SQL*Plus command will set the parameter to take effect at next system startup.

Check Contents

From SQL*Plus:

select value from v$parameter where name = 'audit_sys_operations';

If the value returned is FALSE, this is a finding.

Vulnerability Number

V-219868

Documentable

False

Rule Version

O121-BP-025800

Severity Override Guidance

From SQL*Plus:

select value from v$parameter where name = 'audit_sys_operations';

If the value returned is FALSE, this is a finding.

Check Content Reference

M

Target Key

4059

Comments