STIGQter STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Database recovery procedures must be developed, documented, implemented, and periodically tested.

DISA Rule

SV-238456r667542_rule

Vulnerability Number

V-238456

Group Title

SRG-APP-000516-DB-000363

Rule Version

O112-C2-012400

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Develop, document, and implement testing and verification procedures for database backup and recovery. Include requirements for documenting database backup and recovery testing and verification activities in the procedures.

Check Contents

Review the testing and verification procedures documented in the system documentation. Review evidence of implementation of testing and verification procedures by reviewing logs from backup and recovery implementation. Logs may be in electronic form or hardcopy and may include email or other notification. If testing and verification of backup and recovery procedures is not documented in the system documentation, this is a finding.

If evidence of testing and verification of backup and recovery procedures does not exist, this is a finding.

Vulnerability Number

V-238456

Documentable

False

Rule Version

O112-C2-012400

Severity Override Guidance

Review the testing and verification procedures documented in the system documentation. Review evidence of implementation of testing and verification procedures by reviewing logs from backup and recovery implementation. Logs may be in electronic form or hardcopy and may include email or other notification. If testing and verification of backup and recovery procedures is not documented in the system documentation, this is a finding.

If evidence of testing and verification of backup and recovery procedures does not exist, this is a finding.

Check Content Reference

M

Target Key

4057

Comments