DG0005-ORACLE11 - Only necessary privileges to the host system should be granted to DBA OS accounts - 'Oracle DBA is only a member of ORA_DBA and Users group' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
DG0008-ORACLE11 - Application objects should be owned by accounts authorized for ownership. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - '%ORACLE_HOME% permissions are configured correctly' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
DG0012-ORACLE11 - Database software directories including DBMS configuration files are stored in dedicated directories separate from the host OS and other applications - 'No unauthorized directories exist in $ORACLE_BASE' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ora SQLNET.SSLFIPS_140 = TRUE' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DG0040-ORACLE11 - The DBMS software installation account should be restricted to authorized users - '$ORACLE_BASE owner, group and permissions are configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
DG0051-ORACLE11 - Database job/batch queues should be reviewed regularly to detect unauthorized database job submissions - 'max_job_slave_processes limit is set' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DG0065-ORACLE11 - DBMS authentication should require use of a DoD PKI certificate. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DG0085-ORACLE11 - The DBA role should not be assigned excessive or unauthorized privileges. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DG0093-ORACLE11 - Remote administrative connections to the database should be encrypted - 'Remote admin connections are encrypted' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/network/admin/tnsnames.ora EXTPROC PROTOCOL=IPC' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/rdbms/admin/externaljob.ora SET EXTPROC_DLLS path' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - '$ORACLE_HOME/network/admin/cman.ora source and destination addresses are configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
DG0109-ORACLE11 - The DBMS should not be operated without authorization on a host system supporting other application services - 'W3SVC, FTPSVC, DNS and DHCPServer services are not running' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
DG0109-ORACLE11 - The DBMS should not be operated without authorization on a host system supporting other application services. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
DG0116-ORACLE11 - Database privileged role assignments should be restricted to IAO-authorized DBMS accounts. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DG0121-ORACLE11 - Application users privileges should be restricted to assignment using application user roles. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DG0122-ORACLE11 - Access to sensitive data should be restricted to authorized users identified by the Information Owner - 'datafile' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Connection Manager is running on approved ports' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
DG0191-ORACLE11 - Credentials used to access remote databases should be protected by encryption and restricted to authorized users - '%ORACLE_HOME%\database\PWDorcl.ora permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
DG0195-ORACLE11 - DBMS production application and data directories should be protected from developers on shared production/development DBMS host systems. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
DG7003-ORACLE11 - A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
DO0120-ORACLE11 - The Oracle software installation account should not be granted excessive host system privileges - 'Oracle install account is not a member of the oracle group' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
DO0155-ORACLE11 - Only authorized system accounts should have the SYSTEM tablespace specified as the default tablespace - 'No unauthorized accounts have access to SYSTEM table' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DO0287-ORACLE11 - The Oracle SQLNET.EXPIRE_TIME parameter should be set to a value greater than 0 - '$ORACLE_HOME/network/admin/sqlnet.ora SQLNET.EXPIRE_TIME > 0' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
DO3475-ORACLE11 - Execute permission should be revoked from PUBLIC for restricted Oracle packages - 'PUBLIC does not have execute privilege' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DO3612-ORACLE11 - System Privileges should not be granted to PUBLIC - 'No system privileges granted to PUBLIC' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_DIRECTORY_{listener} is configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
DO6754-ORACLE11 - Oracle Configuration Manager should not remain installed on a production system - '%ORACLE_HOME%\ccr directory does not exist' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
DTBI018 - Check for publishers certificate revocation must be enforced. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | IDENTIFICATION AND AUTHENTICATION |
DTBI024 - The Initialize and script ActiveX controls not marked as safe property must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI032 - Accessing data sources across domains must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI122 - Accessing data sources across domains must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI350 - Software must be disallowed to run or install with invalid signatures. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - '.inc' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
WA000-WI6026 IIS6 - The maximum used memory monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
WA000-WI6028 IIS6 - The Shutdown worker processes Idle Timeout monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
WA000-WI6096 IIS6 - The UrlSegmentMaxCount registry entry must be set properly. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WA000-WI6098 IIS6 - The MaxRequestEntityAllowed metabase value must be defined. - 'IisWebFileSetting' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WA000-WWA022 A22 - The KeepAlive directive must be enabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
WA000-WWA028 A22 - The httpd.conf MinSpareServers directive must be set properly. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WA000-WWA052 A22 - The '-FollowSymLinks' setting must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA000-WWA056 A22 - The MultiViews directive must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA000-WWA058 A22 - Directory indexing must be disabled on directories not containing index files. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA000-WWA062 A22 - The HTTP request header fields must be limited. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
WG310 A22 - A web site must not contain a robots.txt file | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WG340 W22 - A private web server must utilize an approved TLS version. - 'SSLEngine' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG342 IIS6 - Public web servers must use TLS if authentication is required. - '128-Bit Encryption Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG345 A22 - The web server must remove all export ciphers from the cipher suite. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WG345 W22 - The web server must remove all export ciphers from the cipher suite. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |