DG0063-ORACLE11 – DBMS privileges to restore database data or other DBMS configurations, features, or objects should be restricted to authorized DBMS accounts.

Details

Unauthorized restoration of database data, objects, or other configuration or features can result in a loss of data integrity, unauthorized configuration, or other DBMS interruption or compromise. Therefore, the capability to restore must be controlled. Typically, only database administrators will have permission to restore a database.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Utilize DBMS roles that are authorized for database restore functions.

Restrict assignment of restore privileges.

Assign DBMS restoration roles only to authorized DBMS accounts.

Document assignments in the System Security Plan.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

800-53|AC-6
CAT|II
Rule-ID|SV-24635r2_rule
STIG-ID|DG0063-ORACLE11
Vuln-ID|V-15107

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles