Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
Item Search
Audits
Item Search
Filters (1)
Description
Filename
Plugin
References
Control ID
Relevance
Description
Plugin
Filename
References (Active)
Search by References
Clear All
‹‹ Previous
Previous
Page 4 of 532
• 26579 Total
Next
Next ››
Name
Audit Name
Plugin
Category
DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - 'Oracle Advanced Security is installed'
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0050-ORACLE11 - Database software, applications and configuration files should be monitored to discover unauthorized changes.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0051-ORACLE11 - Database job/batch queues should be reviewed regularly to detect unauthorized database job submissions - 'No unknown jobs exist in the dba_jobs queue'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0051-ORACLE11 - Database job/batch queues should be reviewed regularly to detect unauthorized database job submissions - 'No unknown jobs exist in the dba_scheduler_jobs queue'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0052-ORACLE11 - All applications that access the database should be logged in the audit trail.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0052-ORACLE11 - All applications that access the database should be logged in the audit trail.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0063-ORACLE11 - DBMS privileges to restore database data or other DBMS configurations, features, or objects should be restricted to authorized DBMS accounts.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0080-ORACLE11 - Application user privilege assignment should be reviewed monthly or more frequently to ensure compliance with least privilege and documented policy.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0083-ORACLE11 - Automated notification of suspicious activity detected in the audit trail should be implemented.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0086-ORACLE11 - DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0086-ORACLE11 - DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0092-ORACLE11 - Database data files containing sensitive information should be encrypted.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0097-ORACLE11 - Plans and procedures for testing DBMS installations, upgrades and patches should be defined and followed prior to production implementation.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0100-ORACLE11 - Replication accounts should not be granted DBA privileges.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0106-ORACLE11 - Database data encryption controls should be configured in accordance with application requirements.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0118-ORACLE11 - The IAM should review changes to DBA role assignments.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0120-ORACLE11 - Unauthorized access to external database objects should be removed from application user roles.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0122-ORACLE11 - Access to sensitive data should be restricted to authorized users identified by the Information Owner - 'controlfile'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0122-ORACLE11 - Access to sensitive data should be restricted to authorized users identified by the Information Owner - 'spfile'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0124-ORACLE11 - Use of DBA accounts should be restricted to administrative activities.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0127-ORACLE11 - DBMS account passwords should not be set to easily guessed words or values - 'limit'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0133-ORACLE11 - Unlimited account lock times should be specified for locked accounts.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0138-ORACLE11 - Access grants to sensitive data should be restricted to authorized user roles.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0159-ORACLE11 - Remote administrative access to the database should be monitored by the IAO or IAM.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0161-ORACLE11 - An automated tool that monitors audit data and immediately reports suspicious activity should be employed for the DBMS.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0165-ORACLE11 - DBMS symmetric keys should be protected in accordance with NSA or NIST-approved key management technology or processes.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0186-ORACLE11 - The database should not be directly accessible from public or unauthorized networks.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0187-ORACLE11 - DBMS software libraries should be periodically backed up.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0192-ORACLE11 - Remote database or other external access should use fully-qualified names - 'global_names = true'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG7001-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DO0155-ORACLE11 - Only authorized system accounts should have the SYSTEM tablespace specified as the default tablespace - 'Tablespace not set to SYSTEM'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0210-ORACLE11 - Access to default accounts used to support replication should be restricted to authorized DBAs - 'No replication objects exist'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0220-ORACLE11 - Oracle instance names should not contain Oracle version numbers.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0231-ORACLE11 - Application owner accounts should have a dedicated application tablespace.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0233-ORACLE11 - The /diag subdirectory under the directory assigned to the DIAGNOSTIC_DEST parameter must be protected from unauthorized access.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0234-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter should be protected from unauthorized access - 'audit_file_dest parameter is configured'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0234-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter should be protected from unauthorized access - 'audit_trail value = TRUE, OS, XML or XML, EXTENDED'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0238-ORACLE11 - The directories assigned to the LOG_ARCHIVE_DEST* parameters should be protected from unauthorized access - 'log_archive_dest parameter is configured'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0243-ORACLE11 - The Oracle _TRACE_FILES_PUBLIC parameter if present should be set to FALSE - '_trace_files_public = false'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0250-ORACLE11 - Fixed user and public database links should be authorized for use - 'Database links are documented'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0360-ORACLE11 - Connections by mid-tier web and application systems to the Oracle DBMS should be protected, encrypted and authenticated according to database, web, application, enclave and network requirements.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DO0360-ORACLE11 - Connections by mid-tier web and application systems to the Oracle DBMS should be protected, encrypted and authenticated according to database, web, application, enclave and network requirements.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DO3440-ORACLE11 - The DBA role should not be granted to unauthorized user accounts - 'No unauthorized DBA accounts exist'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO3451-ORACLE11 - The Oracle WITH GRANT OPTION privilege should not be granted to non-DBA or non-Application administrator user accounts - 'No accounts with grant option exist'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO6750-ORACLE11 - The Oracle SEC_PROTOCOL_ERROR_FURTHER_ACTION parameter should be set to a value of DELAY or DROP - 'sec_protocol_error_further_action = drop or delay'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
WA000-WWA024 A22 - The KeepAliveTimeout directive must be defined.
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
WA000-WWA050 A22 - All interactive programs must be placed in a designated directory with appropriate permissions - test-cgi
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
WA000-WWA062 A22 - The HTTP request header fields must be limited.
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
WA000-WWA066 A22 - The HTTP request line must be limited.
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
‹‹ Previous
Previous
Page 4 of 532
• 26579 Total
Next
Next ››
