STIGQter STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 1 Release: 17 Benchmark Date: 24 Jan 2020: Connections by mid-tier web and application systems to the Oracle DBMS from a DMZ or external network must be encrypted.

DISA Rule

SV-68237r3_rule

Vulnerability Number

V-53997

Group Title

SRG-APP-000516-DB-999900

Rule Version

O112-BP-023000

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure communications between the DBMS and remote applications/application servers to use DoD-approved encryption.

Check Contents

Review the System Security Plan for remote applications that access and use the database.

For each remote application or application server, determine whether communications between it and the DBMS are encrypted. If any are not encrypted, this is a finding.

Vulnerability Number

V-53997

Documentable

False

Rule Version

O112-BP-023000

Severity Override Guidance

Review the System Security Plan for remote applications that access and use the database.

For each remote application or application server, determine whether communications between it and the DBMS are encrypted. If any are not encrypted, this is a finding.

Check Content Reference

M

Target Key

2669

Comments