Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
Item Search
Audits
Item Search
Filters (1)
Description
Filename
Plugin
References
Control ID
Relevance
Description
Plugin
Filename
References (Active)
Search by References
Clear All
‹‹ Previous
Previous
Page 5 of 503
• 25114 Total
Next
Next ››
Name
Audit Name
Plugin
Category
DG0003-ORACLE11 - The latest security patches should be installed.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0020-ORACLE11 - Backup and recovery procedures should be developed, documented, implemented and periodically tested.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0031-ORACLE11 - Transaction logs should be periodically reviewed for unauthorized modification of data.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0032-ORACLE11 - Audit records should be restricted to authorized individuals - 'audit_trail = db or db_extended'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0041-ORACLE11 - Use of the DBMS installation account should be logged.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0051-ORACLE11 - Database job/batch queues should be reviewed regularly to detect unauthorized database job submissions - 'No unknown jobs exist in the dba_jobs queue'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0051-ORACLE11 - Database job/batch queues should be reviewed regularly to detect unauthorized database job submissions - 'No unknown jobs exist in the dba_scheduler_jobs queue'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0064-ORACLE11 - DBMS backup and restoration files should be protected from unauthorized access.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0066-ORACLE11 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts should be defined, documented and implemented.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0068-ORACLE11 - DBMS tools or applications that echo or require a password entry in clear text should be protected from password display.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0071-ORACLE11 - New passwords must be required to differ from old passwords by more than four characters - 'PASSWORD_VERIFY_FUNCTION is not set to NULL or DEFAULT'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0078-ORACLE11 - Each database user, application or process should have an individually assigned account.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0080-ORACLE11 - Application user privilege assignment should be reviewed monthly or more frequently to ensure compliance with least privilege and documented policy.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0092-ORACLE11 - Database data files containing sensitive information should be encrypted.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0106-ORACLE11 - Database data encryption controls should be configured in accordance with application requirements.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0107-ORACLE11 - Sensitive data is stored in the database and should be identified in the System Security Plan and AIS Functional Architecture documentation.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0107-ORACLE11 - Sensitive data is stored in the database and should be identified in the System Security Plan and AIS Functional Architecture documentation.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0122-ORACLE11 - Access to sensitive data should be restricted to authorized users identified by the Information Owner - 'spfile'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0133-ORACLE11 - Unlimited account lock times should be specified for locked accounts.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0135-ORACLE11 - Users should be alerted upon login of previous successful connections or unsuccessful attempts to access their account.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0138-ORACLE11 - Access grants to sensitive data should be restricted to authorized user roles.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0140-ORACLE11 - Access to DBMS security data should be audited.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0142-ORACLE11 - Changes to configuration options must be audited - 'audit_sys_operations = true'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0146-ORACLE11 - Audit records should include the reason for blacklisting or disabling DBMS connections or accounts.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0158-ORACLE11 - DBMS remote administration should be audited.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0158-ORACLE11 - DBMS remote administration should be audited.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0161-ORACLE11 - An automated tool that monitors audit data and immediately reports suspicious activity should be employed for the DBMS.
DISA STIG Oracle 11 Installation v9r1 Linux
Unix
DG0166-ORACLE11 - Asymmetric keys should use DoD PKI Certificates and be protected in accordance with NIST (unclassified data) or NSA (classified data) approved key management and processes.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DG0175-ORACLE11 - The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DG0198-ORACLE11 - Remote administration of the DBMS should be restricted to known, dedicated and encrypted network addresses and ports.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DO0155-ORACLE11 - Only authorized system accounts should have the SYSTEM tablespace specified as the default tablespace - 'Tablespace not set to SYSTEM'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0210-ORACLE11 - Access to default accounts used to support replication should be restricted to authorized DBAs - 'sys.dba_repcatlog count = 0'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0220-ORACLE11 - Oracle instance names should not contain Oracle version numbers.
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0234-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter should be protected from unauthorized access - 'audit_trail value = TRUE, OS, XML or XML, EXTENDED'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0238-ORACLE11 - The directories assigned to the LOG_ARCHIVE_DEST* parameters should be protected from unauthorized access - 'log_archive_dest_n parameter is configured'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0243-ORACLE11 - The Oracle _TRACE_FILES_PUBLIC parameter if present should be set to FALSE - '_trace_files_public = false'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0250-ORACLE11 - Fixed user and public database links should be authorized for use - 'Database links are documented'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO0360-ORACLE11 - Connections by mid-tier web and application systems to the Oracle DBMS should be protected, encrypted and authenticated according to database, web, application, enclave and network requirements.
DISA STIG Oracle 11 Installation v9r1 Windows
Windows
DO3440-ORACLE11 - The DBA role should not be granted to unauthorized user accounts - 'No unauthorized DBA accounts exist'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO3540-ORACLE11 - The Oracle SQL92_SECURITY parameter should be set to TRUE - 'sql92_security = true'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO6748-ORACLE11 - Case sensitivity for passwords should be enabled - 'sec_case_sensitive_logon = true'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO6749-ORACLE11 - The Oracle SEC_MAX_FAILED_LOGIN_ATTEMPTS parameter should be set to an ISSO-approved value between 1 and 3 - 'sec_max_failed_login_attempts < 3'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO6750-ORACLE11 - The Oracle SEC_PROTOCOL_ERROR_FURTHER_ACTION parameter should be set to a value of DELAY or DROP - 'sec_protocol_error_further_action = drop or delay'
DISA STIG Oracle 11 Instance v9r1 Database
OracleDB
DO6752-ORACLE11 - The Oracle SEC_PROTOCOL_ERROR_TRACE_ACTION parameter should not be set to NONE.
DISA STIG Oracle 11 Installation v9r1 Database
OracleDB
WA000-WWA020 A22 - The Timeout directive must be properly set.
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
WA000-WWA062 A22 - The HTTP request header fields must be limited.
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
WA000-WWA064 A22 - The HTTP request header field size must be limited.
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
WA000-WWA066 A22 - The HTTP request line must be limited.
DISA STIG Apache Server 2.2 Unix v1r11 Middleware
Unix
WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled.
DISA STIG Apache Server 2.2 Unix v1r11
Unix
CONFIGURATION MANAGEMENT
WA00520 A22 - The web server must not be configured as a proxy server.
DISA STIG Apache Server 2.2 Unix v1r11
Unix
CONFIGURATION MANAGEMENT
‹‹ Previous
Previous
Page 5 of 503
• 25114 Total
Next
Next ››
