All associated application files – ‘Verify permissions’
Details Allowing improper access to binaries that directly interface with the Oracle database adds unnecessary risk and increases the attack...
- Home
- Security Hardening
- CIS V1.1.0 Oracle 11G OS L2
CIS V1.1.0 Oracle 11G OS L2
cman.ora – ‘remote_admin = NO’
Details NOTE: Change ORACLE_HOME to the full path of your organization’s Oracle directory. Supportive Information The following resource is also...Encryption – ‘If keys are stored in a table in the database, access to the keys should be limited under a secure role’
Details combination of methods will be dependent on how and where the keys are stored. Supportive Information The following resource...Encryption – ‘Use RAW or BLOB for the storage of encrypted data’
Details prevents this error and preserves the data. Supportive Information The following resource is also helpful. https://workbench.cisecurity.org/files/580 This control applies...Encryption – ‘Where possible, use a procedure that employs a content data element as the encryption key that is unique for each record’
Details one of the records independent of the ciphertext can by inference know the value of other records that display...init.ora – ‘audit_sys_operations = TRUE’
Details NOTE: Change ORACLE_HOME to the full path of your organization’s Oracle directory. Supportive Information The following resource is also...init.ora – ‘db_securefile = ALWAYS’
Details NOTE: Change ORACLE_HOME to the full path of your organization’s Oracle directory. Supportive Information The following resource is also...init.ora – ‘o7_dictionary_accessibility = FALSE’
Details the application and Oracle does not support setting it to FALSE. In Apps 11.5.10 and higher, O7_DICTIONARY_ACCESSIBILITY should be...init.ora – ‘remote_login_passwordfile = NONE’
Details Prevents remote privileged connections to the database. This suggests that remote administration should be performed by remotely logging Supportive...init.ora – ‘sec_return_server_release_banner = FALSE’
Details NOTE: Change ORACLE_HOME to the full path of your organization’s Oracle directory. Supportive Information The following resource is also...