Here is a good tool to baseline your database lock down. -Rob
http://iasecontent.disa.mil/stigs/jar/STIGViewer_2.3.jar
http://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_2016_07.zip
===================================
Robert P. LockardOracle ACEWinner of the 2015 Oracle Developers Choice Award
for Database DesignPresident Oraclewizard.com, Inc.
The question is not “who is going to let me,” it's “who is going to stop me."
Ayn Rand
(cell) 571.276.4790
(office) 410.766.6960
(fax) 410.766.0332
twitter @navonpilot
youtube https://www.youtube.com/user/n4281k
blog: http://www.oraclewizard.com ;
-----Original Message-----
From: Chris Grabowy [mailto:cgrabowy@xxxxxxxxx]
Sent: Thursday, August 11, 2016 09:38 AM
To: ''ORACLE-L''
Subject: Oracle Security Audit
I searched through the backlog of Oracle list emails I have and I do not see
this question being asked so….
My manager stopped by and mentioned that Oracle will be coming in next month to
do a Security Audit.
Uh, ok. No other details.
Apparently this is no cost Oracle Security Audit.
So this could either be a Q&A session and they recommend some security products
to improve our security.
Or this could be an exhaustive audit of our configuration from every possible
angle.
Has anyone else had an Oracle Security Audit performed at their site?
Should I just resign now? Should I switch to the SQL Server team? Should I move
my desk to the basement? Or change to my dream job of studying sloths in the
rain forests of Costa Rica?
Thanks,
Chris Grabowy