SV-24622r2_rule
V-5686
DBMS audit record access
DG0032-ORACLE11
CAT II
10
Document and authorize accounts granted access to the AUD$ table in the System Security Plan.
Revoke access permissions granted to the AUD$ table from unauthorized users.
From SQL*Plus:
select value from v$parameter where name='audit_trail';
If none of the following values is displayed, this check is Not a Finding.
Oracle 11.1 – 11.2 = 'db'
Oracle 11.1 – 11.2 = 'db_extended'
Review access granted to the AUD$ table.
From SQL*Plus:
select grantee
  from dba_tab_privs
 where table_name = 'AUD$'
   and grantee not in ('DELETE_CATALOG_ROLE')
   and grantee not in
       (select grantee
          from dba_role_privs
         where granted_role = 'DBA')
 order by grantee;
Compare the access granted to the AUD$ table against the accounts authorized in the System Security Plan.
If any are not authorized, this is a Finding.
V-5686
True
DG0032-ORACLE11
M
Database Administrator
1367