Changes to configuration options must be audited.
An XCCDF Rule
Description
The AUDIT_SYS_OPERATIONS parameter is used to enable auditing of actions taken by the user SYS. The SYS user account is a shared account by definition and holds all privileges in the Oracle database. It is the account accessed by users connecting to the database with SYSDBA or SYSOPER privileges.
- ID
- SV-219739r879887_rule
- Version
- O112-BP-025800
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
From SQL*Plus:
alter system set audit_sys_operations = TRUE scope = spfile;
The above SQL*Plus command will set the parameter to take effect at next system startup.