Detections
Analytics

Item Search

NameAudit NamePluginCategory
DG0020-ORACLE11 - Backup and recovery procedures should be developed, documented, implemented and periodically tested.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0041-ORACLE11 - Use of the DBMS installation account should be logged.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0042-ORACLE11 - Use of the DBMS software installation account should be restricted to DBMS software installation, upgrade and maintenance actions.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0050-ORACLE11 - Database software, applications and configuration files should be monitored to discover unauthorized changes.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0052-ORACLE11 - All applications that access the database should be logged in the audit trail.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0063-ORACLE11 - DBMS privileges to restore database data or other DBMS configurations, features, or objects should be restricted to authorized DBMS accounts.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0064-ORACLE11 - DBMS backup and restoration files should be protected from unauthorized access.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0092-ORACLE11 - Database data files containing sensitive information should be encrypted.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0101-ORACLE11 - OS accounts used to execute external procedures should be assigned minimum privileges.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0106-ORACLE11 - Database data encryption controls should be configured in accordance with application requirements.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0115-ORACLE11 - Recovery procedures and technical system features exist to ensure that recovery is done in a secure and verifiable manner.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0118-ORACLE11 - The IAM should review changes to DBA role assignments.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0120-ORACLE11 - Unauthorized access to external database objects should be removed from application user roles.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0155-ORACLE11 - The DBMS should have configured all applicable settings to use trusted files, functions, features, or other components during startup, shutdown, aborts, or other unplanned interruptions.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0157-ORACLE11 - Remote DBMS administration should be documented and authorized or disabled.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0158-ORACLE11 - DBMS remote administration should be audited.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0171-ORACLE11 - The DBMS should not have a connection defined to access or be accessed by a DBMS at a different classification level.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0175-ORACLE11 - The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0194-ORACLE11 - Privileges assigned to developers on shared production and development DBMS hosts and the DBMS should be monitored every three months or more frequently for unauthorized changes.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0198-ORACLE11 - Remote administration of the DBMS should be restricted to known, dedicated and encrypted network addresses and ports.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG7001-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DO0360-ORACLE11 - Connections by mid-tier web and application systems to the Oracle DBMS should be protected, encrypted and authenticated according to database, web, application, enclave and network requirements.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
WA060 A22 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA060 W22 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension.DISA STIG Apache Server 2.2 Windows v1r13Windows
WA070 A22 - A private web server must be located on a separate controlled access subnet.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA070 A22 - A private web server must be located on a separate controlled access subnet.DISA STIG Apache Server 2.2 Unix v1r11Unix
WA070 W22 - A private web server must be located on a separate controlled access subnet.DISA STIG Apache Server 2.2 Windows v1r13Windows
WA230 W22 - The site software used with the web server must have all applicable security patches applied and documented.DISA STIG Apache Server 2.2 Windows v1r13Windows
WA00530 A22 - The process ID (PID) file must be properly secured - permissionsDISA STIG Apache Server 2.2 Unix v1r11Unix
WA00535 A22 - The score board file must be properly secured.DISA STIG Apache Server 2.2 Unix v1r11Unix
WG040 W22 - Public web server resources must not be shared with private assets.DISA STIG Apache Server 2.2 Windows v1r13Windows
WG050 A22 - The web server password(s) must be entrusted to the SA or Web Manager.DISA STIG Apache Server 2.2 Unix v1r11Unix
WG060 W22 - The service account used to run the web service must have its password changed at least annually.DISA STIG Apache Server 2.2 Windows v1r13Windows
WG080 W22 - Installation of a compiler on production web server must be prohibited.DISA STIG Apache Server 2.2 Windows v1r13Windows
WG145 A22 - The private web server must use an approved DoD certificate validation process.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WG145 IIS6 - The private web server must use an approved DoD certificate validation process. - 'Check W3SVC/WEBSITES CertCheckMode'DISA STIG IIS 6.0 Site Checklist v6r16Windows
WG240 IIS6 - Logs of web server access and errors must be established and maintained.DISA STIG IIS 6.0 Site Checklist v6r16Windows
WG250 A22 - Log file access must be restricted to System Administrators, Web Administrators or Auditors.DISA STIG Apache Site 2.2 Unix v1r11Unix
WG260 A22 - Only web sites that have been fully reviewed and tested must exist on a production web server.DISA STIG Apache Site 2.2 Unix v1r11Unix
WG260 W22 - Only web sites that have been fully reviewed and tested must exist on a production web server.DISA STIG Apache Site 2.2 Windows v1r13Windows
WG280 - The access control files are owned by a privileged web server account - HTACCESS_DIRDISA STIG Apache Server 2.2 Unix v1r11Unix
WG280 - The access control files are owned by a privileged web server account - HTTPD_CONFIG_DIRECTORY/httpd.confDISA STIG Apache Server 2.2 Unix v1r11Unix
WG330 A22 - A public web server must limit email to outbound only - sendmailDISA STIG Apache Server 2.2 Unix v1r11Unix
WG350 A22 - A private web server will have a valid DoD server certificate.DISA STIG Apache Site 2.2 Unix v1r11Unix
WG350 IIS6 - A private web server must have a valid server certificate.DISA STIG IIS 6.0 Site Checklist v6r16Windows
WG355 A22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WG355 W22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA.DISA STIG Apache Server 2.2 Windows v1r13Windows
WG430 W22 - Anonymous FTP user access to interactive scripts must be prohibited.DISA STIG Apache Site 2.2 Windows v1r13Windows
WG440 A22 - Monitoring software must include CGI or equivalent programs in its scope.DISA STIG Apache Server 2.2 Unix v1r11Unix
WG460 W22 - PERL scripts must use the TAINT option.DISA STIG Apache Site 2.2 Windows v1r13Windows