O121-BP-025100 - The DBMS data files, transaction logs and audit files must be stored in dedicated directories or disk partitions separate from software or other application files.


Protection of DBMS data, transaction and audit data files stored by the host operating system is dependent on OS controls. When different applications share the same database, resource contention and security controls are required to isolate and protect an application's data from other applications. In addition, it is an Oracle best practice to separate data, transaction logs, and audit logs into separate physical directories according to Oracle's OFA (Optimal Flexible Architecture). And finally, DBMS software libraries and configuration files also require differing access control lists.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


Specify dedicated host system disk directories to store database data, transaction and audit files.
Example directory structure:

See Oracle Optimal Flexible Architecture:

When multiple applications are accessing a single database, configure DBMS default file storage according to application to use dedicated disk directories.


See Oracle Optimal Flexible Architecture:

See Also


Item Details


References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-219861r879887_rule, STIG-ID|O121-BP-025100, STIG-Legacy|SV-76453, STIG-Legacy|V-61963, Vuln-ID|V-219861

Plugin: OracleDB

Control ID: a4e54ae90804f4e93b5d8dfcdff8b9bf624efad77081883d4915e2a8a4fd9946