DISA STIG Oracle JRE 8 Unix v1r3

Audit Details

Name: DISA STIG Oracle JRE 8 Unix v1r3

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.10

Estimated Item Count: 28

File Details

Filename: DISA_STIG_JRE_8_Unix_v1r3.audit

Size: 49.6 kB

MD5: 6de1f99b985ff9bf9bf2cb45b208dac9
SHA256: 84c8b714ccf79956ee41b73cbef2d21a1eac13833caedeba28257f7d001198df

Audit Items

DescriptionCategories
DISA_STIG_JRE_8_Unix_v1r3.audit for Oracle JRE 8 UNIX STIG, v1r3
JRE8-UX-000010 - Oracle JRE 8 must have a deployment.config file present.

CONFIGURATION MANAGEMENT

JRE8-UX-000020 - Oracle JRE 8 deployment.config file must contain proper keys and values - deployment.system.config

CONFIGURATION MANAGEMENT

JRE8-UX-000020 - Oracle JRE 8 deployment.config file must contain proper keys and values - deployment.system.config.mandatory

CONFIGURATION MANAGEMENT

JRE8-UX-000030 - Oracle JRE 8 must have a deployment.properties file present.

CONFIGURATION MANAGEMENT

JRE8-UX-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level

CONFIGURATION MANAGEMENT

JRE8-UX-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level.locked

CONFIGURATION MANAGEMENT

JRE8-UX-000070 - Oracle JRE 8 must be set to allow Java Web Start (JWS) applications - deployment.webjava.enabled

CONFIGURATION MANAGEMENT

JRE8-UX-000070 - Oracle JRE 8 must be set to allow Java Web Start (JWS) applications - deployment.webjava.enabled.locked

CONFIGURATION MANAGEMENT

JRE8-UX-000080 - Oracle JRE 8 must disable dialog enabling users to grant permissions - deployment.security.askgrantdialog.notinca.locked

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000080 - Oracle JRE 8 must disable the dialog enabling users to grant permissions - deployment.security.askgrantdialog.notinca

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000090 - Oracle JRE 8 must lock the dialog enabling users to grant permissions - deployment.security.askgrantdialog.show

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000090 - Oracle JRE 8 must lock the dialog enabling users to grant permissions - deployment.security.askgrantdialog.show.locked

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000100 - Oracle JRE 8 must set the option to enable online certificate validation - deployment.security.validation.ocsp

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000100 - Oracle JRE 8 must set the option to enable online certificate validation - deployment.security.validation.ocsp.locked

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check.locked

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000120 - Oracle JRE 8 must enable the option to use an accepted sites list.

CONFIGURATION MANAGEMENT

JRE8-UX-000130 - Oracle JRE 8 must have an exception.sites file present - URLs

CONFIGURATION MANAGEMENT

JRE8-UX-000130 - Oracle JRE 8 must have an exception.sites file present.

CONFIGURATION MANAGEMENT

JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl.locked

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check.locked

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres.locked

SYSTEM AND COMMUNICATIONS PROTECTION

JRE8-UX-000180 - The version of Oracle JRE 8 running on the system must be the most current available.

SYSTEM AND INFORMATION INTEGRITY

JRE8-UX-000190 - Oracle JRE 8 must remove previous versions when the latest version is installed.

SYSTEM AND INFORMATION INTEGRITY