STIGQter STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 1 Release: 16 Benchmark Date: 24 Jan 2020: Remote administrative access to the database must be monitored by the ISSO or ISSM.

DISA Rule

SV-75983r1_rule

Vulnerability Number

V-61493

Group Title

SRG-APP-000516-DB-999900

Rule Version

O121-BP-024400

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Develop, document and implement policy and procedures to monitor remote administrative access to the DBMS.

The automated generation of a log report with automatic dissemination to the ISSO/ISSM may be used.

Require and store an acknowledgement of receipt and confirmation of review for the log report.

Check Contents

If remote administrative access to the database is prohibited and is disabled, this check is not a finding.

Review policy, procedure and evidence of implementation for monitoring of remote administrative access to the database.

If monitoring procedures for remote administrative access are not documented or implemented, this is a finding.

Vulnerability Number

V-61493

Documentable

False

Rule Version

O121-BP-024400

Severity Override Guidance

If remote administrative access to the database is prohibited and is disabled, this check is not a finding.

Review policy, procedure and evidence of implementation for monitoring of remote administrative access to the database.

If monitoring procedures for remote administrative access are not documented or implemented, this is a finding.

Check Content Reference

M

Target Key

2679

Comments