Item Search

| Name | Audit Name | Plugin | Category |
| --- | --- | --- | --- |
| DG0003-ORACLE11 - The latest security patches should be installed. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0020-ORACLE11 - Backup and recovery procedures should be developed, documented, implemented and periodically tested. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0031-ORACLE11 - Transaction logs should be periodically reviewed for unauthorized modification of data. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0032-ORACLE11 - Audit records should be restricted to authorized individuals - 'audit_trail = db or db_extended' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0041-ORACLE11 - Use of the DBMS installation account should be logged. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0064-ORACLE11 - DBMS backup and restoration files should be protected from unauthorized access. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0066-ORACLE11 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts should be defined, documented and implemented. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0068-ORACLE11 - DBMS tools or applications that echo or require a password entry in clear text should be protected from password display. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0071-ORACLE11 - New passwords must be required to differ from old passwords by more than four characters - 'PASSWORD_VERIFY_FUNCTION is not set to NULL or DEFAULT' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0078-ORACLE11 - Each database user, application or process should have an individually assigned account. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0092-ORACLE11 - Database data files containing sensitive information should be encrypted. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0106-ORACLE11 - Database data encryption controls should be configured in accordance with application requirements. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0107-ORACLE11 - Sensitive data is stored in the database and should be identified in the System Security Plan and AIS Functional Architecture documentation. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0107-ORACLE11 - Sensitive data is stored in the database and should be identified in the System Security Plan and AIS Functional Architecture documentation. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0135-ORACLE11 - Users should be alerted upon login of previous successful connections or unsuccessful attempts to access their account. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0140-ORACLE11 - Access to DBMS security data should be audited. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0142-ORACLE11 - Changes to configuration options must be audited - 'audit_sys_operations = true' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0146-ORACLE11 - Audit records should include the reason for blacklisting or disabling DBMS connections or accounts. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0158-ORACLE11 - DBMS remote administration should be audited. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0158-ORACLE11 - DBMS remote administration should be audited. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0161-ORACLE11 - An automated tool that monitors audit data and immediately reports suspicious activity should be employed for the DBMS. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0166-ORACLE11 - Asymmetric keys should use DoD PKI Certificates and be protected in accordance with NIST (unclassified data) or NSA (classified data) approved key management and processes. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0175-ORACLE11 - The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0198-ORACLE11 - Remote administration of the DBMS should be restricted to known, dedicated and encrypted network addresses and ports. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DO0210-ORACLE11 - Access to default accounts used to support replication should be restricted to authorized DBAs - 'sys.dba_repcatlog count = 0' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DO0238-ORACLE11 - The directories assigned to the LOG_ARCHIVE_DEST* parameters should be protected from unauthorized access - 'log_archive_dest_n parameter is configured' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DO6752-ORACLE11 - The Oracle SEC_PROTOCOL_ERROR_TRACE_ACTION parameter should not be set to NONE. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | |
| WA060 W22 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WA230 IIS6 - The site software used with the web server must have all applicable security patches applied and documented. | DISA STIG IIS 6.0 Server v6r16 | Windows | |
| WA00525 A22 - User specific directories must not be globally enabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA00530 A22 - The process ID (PID) file must be properly secured | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA00530 A22 - The process ID (PID) file must be properly secured - permissions | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG050 A22 - The web server password(s) must be entrusted to the SA or Web Manager. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG050 W22 - The web server service password(s) must be entrusted to the SA or Web Manager. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG080 A22 - Installation of a compiler on production web server is prohibited. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG080 W22 - Installation of a compiler on production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG220 A22 - Web administration tools must be restricted to the web manager and the web manager's designees - AccessConfig | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG240 IIS6 - Logs of web server access and errors must be established and maintained. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG250 A22 - Log file access must be restricted to System Administrators, Web Administrators or Auditors. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG260 IIS6 - Only fully reviewed and tested web sites must exist on a production web server. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG270 A22 - The web server's htpasswd files (if present) must reflect proper ownership and permissions | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG280 - The access control files are owned by a privileged web server account - HTACCESS_DIR | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG280 - The access control files are owned by a privileged web server account - HTTPD_CONFIG_DIRECTORY/httpd.conf | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG350 IIS6 - A private web server must have a valid server certificate. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG350 W22 - A private web server must have a valid DoD server certificate. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG355 A22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG410 W22 - Interactive scripts used on a web server must have proper access controls. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG440 A22 - Monitoring software must include CGI or equivalent programs in its scope. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG460 W22 - PERL scripts must use the TAINT option. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG470 W22 - Wscript.exe and Cscript.exe must only be accessible by the SA and/or the web administrator. - 'Wscript.exe' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |