Item Search

NameAudit NamePluginCategory
DG0007-ORACLE11 - The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0007-ORACLE11 - The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0021-ORACLE11 - A baseline of database application software should be documented and maintained.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0030-ORACLE11 - Audit trail data should be retained for one year.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0041-ORACLE11 - Use of the DBMS installation account should be logged.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0042-ORACLE11 - Use of the DBMS software installation account should be restricted to DBMS software installation, upgrade and maintenance actions.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0051-ORACLE11 - Database job/batch queues should be reviewed regularly to detect unauthorized database job submissions - 'job_queue_processes limit is set'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0053-ORACLE11 - A single database connection configuration file should not be used to configure all database clients.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0063-ORACLE11 - DBMS privileges to restore database data or other DBMS configurations, features, or objects should be restricted to authorized DBMS accounts.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0066-ORACLE11 - Procedures for establishing temporary passwords that meet DoD password requirements for new accounts should be defined, documented and implemented.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0068-ORACLE11 - DBMS tools or applications that echo or require a password entry in clear text should be protected from password display.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0076-ORACLE11 - Sensitive information from production database exports must be modified before import to a development database.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0090-ORACLE11 - Sensitive information stored in the database should be protected by encryption.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0101-ORACLE11 - OS accounts used to execute external procedures should be assigned minimum privileges.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0105-ORACLE11 - DBMS application user roles should not be assigned unauthorized privileges.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0115-ORACLE11 - Recovery procedures and technical system features exist to ensure that recovery is done in a secure and verifiable manner.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0115-ORACLE11 - Recovery procedures and technical system features exist to ensure that recovery is done in a secure and verifiable manner.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0118-ORACLE11 - The IAM should review changes to DBA role assignments.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0155-ORACLE11 - The DBMS should have configured all applicable settings to use trusted files, functions, features, or other components during startup, shutdown, aborts, or other unplanned interruptions.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0171-ORACLE11 - The DBMS should not have a connection defined to access or be accessed by a DBMS at a different classification level.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0176-ORACLE11 - The DBMS audit logs should be included in backup operations.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0186-ORACLE11 - The database should not be directly accessible from public or unauthorized networks.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG0194-ORACLE11 - Privileges assigned to developers on shared production and development DBMS hosts and the DBMS should be monitored every three months or more frequently for unauthorized changes.DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DG7001-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DO0140-ORACLE11 - Access to the Oracle SYS and SYSTEM accounts should be restricted to authorized DBAs.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0210-ORACLE11 - Access to default accounts used to support replication should be restricted to authorized DBAs - 'No replication objects exist'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0231-ORACLE11 - Application owner accounts should have a dedicated application tablespace.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0233-ORACLE11 - The /diag subdirectory under the directory assigned to the DIAGNOSTIC_DEST parameter must be protected from unauthorized access.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0234-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter should be protected from unauthorized access - 'audit_file_dest parameter is configured'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_LEVEL_SERVER'DISA STIG Oracle 11 Installation v9r1 LinuxUnix
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_LEVEL_SERVER'DISA STIG Oracle 11 Installation v9r1 WindowsWindows
WA060 A22 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA230 W22 - The site software used with the web server must have all applicable security patches applied and documented.DISA STIG Apache Server 2.2 Windows v1r13Windows
WA00530 W22 - The process ID (PID) file must be properly secured.DISA STIG Apache Server 2.2 Windows v1r13Windows
WA00535 W22 - The ScoreBoard file must be properly secured.DISA STIG Apache Server 2.2 Windows v1r13Windows
WA00540 A22 - The web server must be configured to explicitly deny access to the OS root - DenyDISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA00555 A22 - The web server must be configured to listen on a specific IP address and port - 0.0.0.0:80DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA00555 A22 - The web server must be configured to listen on a specific IP address and port - listenDISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA00565 A22 - HTTP request methods must be limited - DenyDISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WG040 W22 - Public web server resources must not be shared with private assets.DISA STIG Apache Server 2.2 Windows v1r13Windows
WG270 A22 - The web server's htpasswd files (if present) must reflect proper ownership and permissionsDISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WG280 - The access control files are owned by a privileged web server account - APP_Config_filesDISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WG355 W22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA.DISA STIG Apache Server 2.2 Windows v1r13Windows
WG410 IIS6 - Interactive scripts must have proper access controls. - 'CGI Directory Permissions'DISA STIG IIS 6.0 Site Checklist v6r16Windows
WG410 IIS6 - Interactive scripts must have proper access controls. - 'Execute Permissions set 'Script only'DISA STIG IIS 6.0 Site Checklist v6r16Windows
WG430 A22 - Anonymous FTP user access to interactive scripts is prohibited.DISA STIG Apache Site 2.2 Unix v1r11 MiddlewareUnix
WG430 IIS6 - Anonymous FTP users must not have access to interactive scripts.DISA STIG IIS 6.0 Site Checklist v6r16Windows
WG430 W22 - Anonymous FTP user access to interactive scripts must be prohibited.DISA STIG Apache Site 2.2 Windows v1r13Windows
WG440 A22 - Monitoring software must include CGI or equivalent programs in its scope.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix