| 5.2 Ensure 'Computer Browser (Browser)' is set to 'Disabled' or 'Not Installed' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.3 (L1) Ensure 'Computer Browser (Browser)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| Catalina - Configure the System for Nonlocal Maintenance | NIST macOS Catalina v1.5.0 - 800-171 | Unix | MAINTENANCE |
| Catalina - Configure the System for Nonlocal Maintenance | NIST macOS Catalina v1.5.0 - All Profiles | Unix | MAINTENANCE |
| DG0001-ORACLE11 - Vendor supported software is evaluated and patched against newly found vulnerabilities. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0003-ORACLE11 - The latest security patches should be installed. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0005-ORACLE11 - Only necessary privileges to the host system should be granted to DBA OS accounts - 'Oracle instance DBA is only a member of ORA_{SID}_DBA and Users group' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - '/etc/profile umask < 022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0012-ORACLE11 - Database software directories including DBMS configuration files are stored in dedicated directories separate from the host OS and other applications - 'ORACLE_BASE environment variable set' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0012-ORACLE11 - Database software directories including DBMS configuration files are stored in dedicated directories separate from the host OS and other applications - 'ORACLE_HOME environment variable set' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0013-ORACLE11 - Database backup procedures should be defined, documented and implemented. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0020-ORACLE11 - Backup and recovery procedures should be developed, documented, implemented and periodically tested. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0021-ORACLE11 - A baseline of database application software should be documented and maintained. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - '$ORACLE_HOME/network/admin/sqlnet.ora SSL_CIPHER_SUITES is configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0050-ORACLE11 - Database software, applications and configuration files should be monitored to discover unauthorized changes. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0069-ORACLE11 - Procedures and restrictions for import of production data to development databases should be documented, implemented and followed. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0069-ORACLE11 - Procedures and restrictions for import of production data to development databases should be documented, implemented and followed. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0083-ORACLE11 - Automated notification of suspicious activity detected in the audit trail should be implemented. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0090-ORACLE11 - Sensitive information stored in the database should be protected by encryption. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0097-ORACLE11 - Plans and procedures for testing DBMS installations, upgrades and patches should be defined and followed prior to production implementation. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/network/admin/tnsnames.ora KEY=EXTPROC does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - no PROGRAMS = EXTPROC' - tnsnames.ora | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ORA tcp.validnode_checking = YES' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - '$ORACLE_HOME/network/admin/sqlnet.ora tcp.validnode_checking=yes' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - valid source and destination IPs are used in rules' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0104-ORACLE11 - DBMS service identification should be unique and clearly identifies the service. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0110-ORACLE11 - The DBMS should not share a host supporting an independent security service. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0120-ORACLE11 - Unauthorized access to external database objects should be removed from application user roles. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0129-ORACLE11 - Passwords should be encrypted when transmitted across the network. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| DG0155-ORACLE11 - The DBMS should have configured all applicable settings to use trusted files, functions, features, or other components during startup, shutdown, aborts, or other unplanned interruptions. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0157-ORACLE11 - Remote DBMS administration should be documented and authorized or disabled. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0175-ORACLE11 - The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0176-ORACLE11 - The DBMS audit logs should be included in backup operations. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0191-ORACLE11 - Credentials used to access remote databases should be protected by encryption and restricted to authorized users - '$ORACLE_HOME/network/admin/sqlnet.ora WALLET_LOCATION does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DG0194-ORACLE11 - Privileges assigned to developers on shared production and development DBMS hosts and the DBMS should be monitored every three months or more frequently for unauthorized changes. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0198-ORACLE11 - Remote administration of the DBMS should be restricted to known, dedicated and encrypted network addresses and ports. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DO0286-ORACLE11 - The Oracle INBOUND_CONNECT_TIMEOUT and SQLNET.INBOUND_CONNECT_TIMEOUT parameters should be set to a value greater than 0 - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ORA SQLNET.INBOUND_CONNECT_TIMEOUT > 0' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DO0286-ORACLE11 - The Oracle INBOUND_CONNECT_TIMEOUT and SQLNET.INBOUND_CONNECT_TIMEOUT parameters should be set to a value greater than 0 - '$ORACLE_HOME/network/admin/sqlnet.ora SQLNET.INBOUND_CONNECT_TIMEOUT = 0' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora DIAG_ADR_ENABLED_[listener name] = ON' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora LOG_DIRECTORY_{listener} is configured' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '$ORACLE_HOME/network/log/sqlnet.log mode 640' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'LOG_FILE_SERVER = sqlnet' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DO6740-ORACLE11 - The Oracle Listener ADMIN_RESTRICTIONS parameter if present should be set to ON - '$ORACLE_HOME/network/admin/listener.ora ADMIN_RESTRICTIONS_{listener} = on' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DO6747-ORACLE11 - Remote administration should be disabled for the Oracle connection manager - '$ORACLE_HOME/network/admin/cman.ora does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO6754-ORACLE11 - Oracle Configuration Manager should not remain installed on a production system - '$ORACLE_HOME/ccr does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Configure the System for Nonlocal Maintenance | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | MAINTENANCE |
| WN12-CC-000023 - Windows must be prevented from sending an error report when a device driver requests additional software during installation. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000023 - Windows must be prevented from sending an error report when a device driver requests additional software during installation. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
