Đang chuẩn bị liên kết để tải về tài liệu:
Oracle Database Security Checklist

Obtaining comprehensive data and information on public debt is challenging. Data availability is limited along the dimensions of time, country coverage, and debt completeness. For example, data on external public debt for developing countries are generally available from the GDF dataset. However, the GDF does not cover advanced economies, and separates public and private components of external debt only for long-term debt. Similarly, the IFS database starts in 1970, but data are available for just a handful of countries in the early years. As noted, datasets of regional or institutional bodies cover public debt for subsets of countries and also typically. | Oracle Database Security Checklist ORACLE An Oracle White Paper June 2008 Oracle Database Security Checklist Protecting the database environment.3 Install only what is required.3 Lock and expire default user accounts.4 Changing default user passwords.4 Change passwords for administrative accounts.5 Change default passwords for all users.5 Enforce password management.5 Secure batch jobs.5 Manage access to SYSDBA and SYSOPER roles.6 Enable Oracle data dictionary protection.6 Follow the principle of least privilege.6 Public privileges.7 Restrict permissions on run-time facilities.8 Authenticate clients.8 Restrict operating system access.8 Secure the Oracle listener.8 Secure external procedures.9 Prevent runtime changes to listener.9 Checking network IP addresses.9 Harden the operating system.10 Encrypt network traffic.10 Apply all security patches.10 Report security issues to Oracle.10 Appendix A - Oracle Database 11g Release 1 Enterprise Edition default accounts and their status.11 Appendix B - Oracle Database 10g Release 1 and Release 2 Enterprise Edition default accounts and their status.12 Appendix C - Oracle Database 9i Release 2 Enterprise Edition default accounts and their status.14 Oracle Database Security Checklist Page 2 Oracle Database Security Checklist PROTECTING THE DATABASE ENVIRONMENT Since Oracle9i Oracle has been working with customers to better understand their desired default configurations and harden the Oracle environment. For several major releases of the database the Oracle documentation has provided guidance on securely configuring the Oracle Database. New with Oracle Database 11g is the Oracle Database 2 Day Security Guide an excellent introductory reference for Oracle Database Security. Significant changes have been made since Oracle9i to make it easier for customers to securely configure the Oracle Database. Oracle9i provided post installation locking and expiration of most default accounts. Oracle Database 10g provided optional install of