U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

CIS Oracle Database 11g R2 2.2.0 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Oracle Database 11g 11.2 cpe:/a:oracle:database_server:11.2 (View CVEs)

Checklist Highlights

Checklist Name:
CIS Oracle Database 11g R2
Checklist ID:
567
Version:
2.2.0
Type:
Compliance
Review Status:
Final
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
02/27/2015

Checklist Summary:

This document is intended to address the recommended security settings for Oracle Database 11g R2. This guide was tested against Oracle 11g R2 (11.2.0.4) running on a Windows Server 2012 R2 instance as a stand-alone system, and running on an Oracle Linux 6.5 instance also as a stand-alone system. Future Oracle 11g R2 critical patch updates (CPUs) may impact the recommendations included in this document.

Checklist Role:

  • Database Server

Known Issues:

Not Provided

Target Audience:

This benchmark is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Oracle Database 11g R2 on Oracle Linux or Microsoft Windows Server.

Target Operational Environment:

  • Managed

Testing Information:

This guide was tested against Oracle 11g R2 (11.2.0.4) running on a Windows Server 2012 R2 instance as a stand-alone system, and running on an Oracle Linux 6.5 instance also as a stand-alone system.

Regulatory Compliance:

Not Provided

Comments/Warnings/Miscellaneous:

Not Provided

Disclaimer:

Proper use of the recommendations requires careful analysis and adaptation to specific user requirements. The recommendations are not in any way intended to be a quick fix for anyones information security needs. CIS makes no representations, warranties or covenants whatsoever as to (i) the positive or negative effect of the products or the recommendations on the operation or the security of any particular network, computer system, network device, software, hardware, or any component of any of the foregoing or (ii) the accuracy, reliability, timeliness or completeness of any product or recommendation. CIS is providing the products and the recommendations as is and as available without representations, warranties or covenants of any kind.

Product Support:

feedback@cisecurity.org

Point of Contact:

feedback@cisecurity.org

Sponsor:

Not Provided

Licensing:

Not Provided

Change History: 

Changed Status from "under review" to "final"  - 26 May 2015

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 05/27/2015