STIGQter STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 1 Release: 16 Benchmark Date: 24 Jan 2020: The system must verify there have not been unauthorized changes to the DBMS software and information.

DISA Rule

SV-76277r1_rule

Vulnerability Number

V-61787

Group Title

SRG-APP-000262-DB-000159

Rule Version

O121-C2-019600

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Utilize the OS or a third-party product to perform file verification of DBMS system file integrity.

(Using Oracle Configuration Manager with Enterprise Manager, configured to perform this verification, is one possible way of satisfying this requirement.)

Check Contents

Verify the DBMS system initialization/parameter files and software is included in the configuration of any third-party software or custom scripting at the OS level to perform integrity verification.

If neither a third-party application nor the OS is performing integrity verification of DBMS system files, this is a finding.

Vulnerability Number

V-61787

Documentable

False

Rule Version

O121-C2-019600

Severity Override Guidance

Verify the DBMS system initialization/parameter files and software is included in the configuration of any third-party software or custom scripting at the OS level to perform integrity verification.

If neither a third-party application nor the OS is performing integrity verification of DBMS system files, this is a finding.

Check Content Reference

M

Target Key

2679

Comments