Item Search

| Name | Audit Name | Plugin | Category |
|---|---|---|---|
| DG0003-ORACLE11 - The latest security patches should be installed. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0007-ORACLE11 - The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0013-ORACLE11 - Database backup procedures should be defined, documented and implemented. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0021-ORACLE11 - A baseline of database application software should be documented and maintained. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0031-ORACLE11 - Transaction logs should be periodically reviewed for unauthorized modification of data. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0041-ORACLE11 - Use of the DBMS installation account should be logged. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0052-ORACLE11 - All applications that access the database should be logged in the audit trail. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0053-ORACLE11 - A single database connection configuration file should not be used to configure all database clients. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0066-ORACLE11 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts should be defined, documented and implemented. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0068-ORACLE11 - DBMS tools or applications that echo or require a password entry in clear text should be protected from password display. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0074-ORACLE11 - Unapproved inactive or expired database accounts should not be found on the database. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0078-ORACLE11 - Each database user, application or process should have an individually assigned account. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0080-ORACLE11 - Application user privilege assignment should be reviewed monthly or more frequently to ensure compliance with least privilege and documented policy. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0086-ORACLE11 - DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0105-ORACLE11 - DBMS application user roles should not be assigned unauthorized privileges. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0120-ORACLE11 - Unauthorized access to external database objects should be removed from application user roles. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0124-ORACLE11 - Use of DBA accounts should be restricted to administrative activities. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0165-ORACLE11 - DBMS symmetric keys should be protected in accordance with NSA or NIST-approved key management technology or processes. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DG0175-ORACLE11 - The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0190-ORACLE11 - Credentials stored and used by the DBMS to access remote databases or applications should be authorized and restricted to authorized users. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_LEVEL_SERVER' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| WA060 A22 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA060 W22 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WA070 A22 - A private web server must be located on a separate controlled access subnet. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA070 A22 - A private web server must be located on a separate controlled access subnet. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA070 W22 - A private web server must be located on a separate controlled access subnet. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WA230 W22 - The site software used with the web server must have all applicable security patches applied and documented. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WA00530 A22 - The process ID (PID) file must be properly secured - permissions | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA00535 A22 - The score board file must be properly secured. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG040 W22 - Public web server resources must not be shared with private assets. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG050 A22 - The web server password(s) must be entrusted to the SA or Web Manager. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG060 W22 - The service account used to run the web service must have its password changed at least annually. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG080 A22 - Installation of a compiler on production web server is prohibited. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG080 W22 - Installation of a compiler on production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG145 A22 - The private web server must use an approved DoD certificate validation process. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG145 IIS6 - The private web server must use an approved DoD certificate validation process. - 'Check W3SVC/WEBSITES CertCheckMode' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG240 IIS6 - Logs of web server access and errors must be established and maintained. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG250 A22 - Log file access must be restricted to System Administrators, Web Administrators or Auditors. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG260 A22 - Only web sites that have been fully reviewed and tested must exist on a production web server. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG260 W22 - Only web sites that have been fully reviewed and tested must exist on a production web server. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG280 - The access control files are owned by a privileged web server account - HTACCESS_DIR | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG280 - The access control files are owned by a privileged web server account - HTTPD_CONFIG_DIRECTORY/httpd.conf | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG330 A22 - A public web server must limit email to outbound only - sendmail | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG350 A22 - A private web server will have a valid DoD server certificate. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG350 IIS6 - A private web server must have a valid server certificate. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG355 A22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG355 W22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG430 W22 - Anonymous FTP user access to interactive scripts must be prohibited. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG440 A22 - Monitoring software must include CGI or equivalent programs in its scope. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG460 W22 - PERL scripts must use the TAINT option. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |