Detections
Analytics

CIS IBM DB2 OS L1 v1.2.0

Audit Details

Name: CIS IBM DB2 OS L1 v1.2.0

Updated: 4/12/2023

Authority: CIS

Plugin: Unix

Revision: 1.29

Estimated Item Count: 33

File Details

Filename: CIS_v1.2.0_IBM_DB2_OS_Linux_Level_1.audit

Size: 35.5 kB

MD5: c30d5aa504b28c0a75a02e410f3713a7
SHA256: b3bec48d4e63240e2ab3bb9235b3687b7340486d4d32143ce4a76bfd5daae520

Audit Items

DescriptionCategories
1.0.2 Use IP address rather than hostname - 'db2system = IP'

CONFIGURATION MANAGEMENT

1.0.3 Leverage a least privilege principle
1.0.4 Use non-standard account names - '!= dasusr1'

CONFIGURATION MANAGEMENT

1.0.4 Use non-standard account names - '!= db2admin'

CONFIGURATION MANAGEMENT

1.0.4 Use non-standard account names - '!= db2fenc1'

CONFIGURATION MANAGEMENT

1.0.4 Use non-standard account names - '!= db2inst1'

CONFIGURATION MANAGEMENT

2.0.1 Secure DB2 Runtime Library
2.0.2 Secure all database containers
2.0.3 Set umask value for DB2 admin user .profile file

ACCESS CONTROL

3.1.6 Secure permission of default database location
3.1.8 Secure all diagnostic logs - 'diagpath location'

AUDIT AND ACCOUNTABILITY

3.2.4 Establish secure archive log location - 'logarchmeth1 location'
3.2.5 Secure permission of the primary archive log location
3.2.6 Establish secure secondary archive location - 'logarchmeth2 location'
3.2.7 Secure permission of the secondary archive log location
3.2.8 Establish secure tertiary archive location - 'failarchpath location'
3.2.9 Secure permission of the tertiary archive location
3.2.10 Establish secure log mirror location - 'mirrorlogpath location'
3.3.1 Establish DAS administrative group - 'dasadm_group name'

ACCESS CONTROL

4.0.2 Review Security Rule Exemptions
4.0.3 Review Security Label Component
4.0.4 Review Security Label Policies
4.0.5 Review Security Labels
5.0.2 Protecting Backups
5.0.4 Schedule Runstat and Reorg
7.0.3 Establish system maintenance group - 'sysmaint_group users'

ACCESS CONTROL

7.0.4 Establish system monitoring group - 'sysmon_group users'

ACCESS CONTROL

8.0.1 Start and Stop DB2 Instance
9.0.1 Secure DB2 Control Center
9.0.2 Secure DB2 Configuration Assistant Utility
9.0.3 Secure DB2 Health Monitor Utility
9.0.4 DB2 Activity Monitor Utility
CIS_v1.2.0_IBM_DB2_OS_Linux_Level_2.audit from CIS DB2 8, 9 & 9.5 for Linux