Documentation - V-270499

V-270499

Oracle Database 19c Security Technical Implementation Guide

CAT I

Title

Oracle Database must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.

Description

<VulnDiscussion>Enterprise environments make account management for applications and databases challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other error. Managing accounts for the same person in multiple places is inefficient and prone to problems with consistency and synchronization. A comprehensive application account management process that includes automation helps to ensure that accounts designated as requiring attentio...

Fix Text (Documentation Requirement)

Integrate database management system (DBMS) security with an organization-level authentication/access mechanism providing account management for all users, groups, roles, and any other principals. For each Oracle-managed account that is not documented and approved, either transfer it to management by the external mechanism, or document the need for it and obtain approval, as appropriate. Utilize an Oracle feature/product, an OS feature, a third-party product, or custom code to automate as much account maintenance functionality as possible.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel