| No |
Code |
Description |
Risk |
| 1 |
USERSCC |
Users |
|
| 1 1.1 |
STDACC |
Standard accounts |
High |
| 2 1.2 |
FAILLOG |
Failed logins allowed |
Low |
| 2 |
PASSWORDS |
Passwords |
|
| 3 2.1 |
PWDGRACE |
Password grace time |
Low |
| 4 2.2 |
PWDLIFE |
Password life time |
High |
| 5 2.3 |
PWDLOCK |
Password lock time |
Low |
| 6 2.4 |
PWDREUSENO |
Password reuse number |
Medium |
| 7 2.5 |
PWDREUSETIME |
Password reuse time |
Medium |
| 8 2.6 |
PWDVERIFY |
Password verify function |
Low |
| 3 |
PROFILES |
User profiles |
|
| 9 3.1 |
DEFPROF |
The DEFAULT profile |
Low |
| 10 3.2 |
OTHPROF |
Other profiles |
Low |
| 4 |
PRIVILEGES |
Privileges |
|
| 11 4.1 |
OSYSPRIV |
User's system privileges |
Medium |
| 12 4.2 |
OPQUANY |
Users with ANY privilege |
Medium |
| 5 |
ROLES |
Roles |
|
| 13 5.1 |
OROLDBA |
Users granted the DBA Role |
High |
| 14 5.2 |
OROLANY |
Roles with ANY privilege |
Medium |
| 15 5.3 |
OROLPWD |
Roles without passwords |
Low |
| 16 5.4 |
OROLPUB |
Roles granted to PUBLIC |
Medium |
| 17 5.5 |
OROLADM |
Roles granted with ADMIN |
Medium |
| 18 5.6 |
OROLCON |
Users with the CONNECT role |
Medium |
| 19 5.7 |
OROLRES |
Users with the RESOURCE role |
Medium |
| 6 |
SYSTEM |
System settings |
|
| 20 6.1 |
SYSLOGPWDFILE |
Remote login password file |
Medium |
| 21 6.2 |
SYSOSAUTH |
Remote OS authentication |
High |
| 22 6.3 |
SYSDATADIC |
Data dictionary Accessibility |
Medium |
