STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 1 Release: 16 Benchmark Date: 24 Jan 2020: Plans and procedures for testing DBMS installations, upgrades and patches must be defined and followed prior to production implementation.

DISA Rule

SV-75989r1_rule

Vulnerability Number

V-61499

Group Title

SRG-APP-000516-DB-999900

Rule Version

O121-BP-024700

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Develop, document and implement procedures for testing DBMS installations, upgrades and patches prior to deployment on production systems.

Check Contents

Review policy and procedures documented or noted in the System Security Plan and evidence of implementation for testing DBMS installations, upgrades and patches prior to production deployment.

If policy and procedures do not exist or evidence of implementation does not exist, this is a finding.

Vulnerability Number

V-61499

Documentable

False

Rule Version

O121-BP-024700

Severity Override Guidance

Review policy and procedures documented or noted in the System Security Plan and evidence of implementation for testing DBMS installations, upgrades and patches prior to production deployment.

If policy and procedures do not exist or evidence of implementation does not exist, this is a finding.

Check Content Reference

M

Target Key

2679

Comments