Detections
Analytics

DISA Oracle Database 19c STIG v1r1 Unix

Audit Details

Name: DISA Oracle Database 19c STIG v1r1 Unix

Updated: 6/24/2025

Authority: DISA STIG

Plugin: Unix

Revision: 1.0

Estimated Item Count: 17

File Details

Filename: DISA_STIG_Oracle_Database_19c_v1r1_Unix.audit

Size: 67.7 kB

MD5: 38f343f7218dc7ffb943cfb507fbd5ec
SHA256: 992801c8741214b2b5738509002a2d4e7e1690e0fd45f9a018619fb8ecda56e8

Audit Items

DescriptionCategories
DISA_Oracle_Database_19c_STIG_v1r1.audit from DISA Oracle Database 19c STIG v1r1
O19C-00-000200 - Oracle Database must protect against or limit the effects of organization-defined types of denial-of-service (DoS) attacks.

ACCESS CONTROL

O19C-00-006000 - Oracle Database must provide an immediate real-time alert to appropriate support staff of all audit log failures.

AUDIT AND ACCOUNTABILITY

O19C-00-007300 - Oracle Database must support enforcement of logical access restrictions associated with changes to the database management system (DBMS) configuration and to the database itself.

CONFIGURATION MANAGEMENT

O19C-00-009900 - The Oracle Listener must be configured to require administration authentication.

CONFIGURATION MANAGEMENT

O19C-00-011200 - Network access to Oracle Database must be restricted to authorized personnel.

CONFIGURATION MANAGEMENT

O19C-00-011500 - The /diag subdirectory under the directory assigned to the DIAGNOSTIC_DEST parameter must be protected from unauthorized access.

CONFIGURATION MANAGEMENT

O19C-00-011600 - Remote administration must be disabled for the Oracle connection manager.

CONFIGURATION MANAGEMENT

O19C-00-011700 - Network client connections must be restricted to supported versions.

CONFIGURATION MANAGEMENT

O19C-00-011800 - Database administrator (DBA) OS accounts must be granted only those host system privileges necessary for the administration of the Oracle Database.

CONFIGURATION MANAGEMENT

O19C-00-013200 - OS accounts used to run external procedures called by Oracle Database must have limited privileges.

CONFIGURATION MANAGEMENT

O19C-00-013400 - Access to external executables must be disabled or restricted.

CONFIGURATION MANAGEMENT

O19C-00-014900 - If passwords are used for authentication, the Oracle Database must transmit only encrypted representations of passwords.

IDENTIFICATION AND AUTHENTICATION

O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key.

IDENTIFICATION AND AUTHENTICATION

O19C-00-015500 - Oracle Database must use NIST-validated FIPS 140-2/140-3 compliant cryptography for authentication mechanisms.

IDENTIFICATION AND AUTHENTICATION

O19C-00-017700 - Oracle Database must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures.

SYSTEM AND COMMUNICATIONS PROTECTION

O19C-00-020400 - Oracle Database must include only approved trust anchors in trust stores or certificate stores managed by the organization.

SYSTEM AND COMMUNICATIONS PROTECTION