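-- Oracle account, password-policy, privilege and audit configuration checklist.
-- Read-only queries against the DBA_* dictionary views plus SQL*Plus SHOW
-- PARAMETER commands; run them as a user allowed to read those views.

-- 1. Account inventory: confirm every USER_ID is unique and that no account
--    is left in an EXPIRED state. PROFILE is listed because checks 3-5 below
--    only inspect the DEFAULT profile.
SELECT
    username,
    user_id,
    account_status,
    profile
FROM dba_users
ORDER BY username;

-- 2. Password policy per profile: complexity (PASSWORD_VERIFY_FUNCTION),
--    lifetime (PASSWORD_LIFE_TIME) and related limits.
--    RESOURCE_TYPE is stored in upper case and string comparison is
--    case-sensitive, so the literal must be 'PASSWORD'; 'password' matches
--    no rows and would make the policy look unset.
SELECT
    profile,
    resource_name,
    limit
FROM dba_profiles
WHERE resource_type = 'PASSWORD'
ORDER BY profile, resource_name;

-- 3. Failed-login threshold before the account locks. UNLIMITED means there
--    is no lockout. (The resource name is FAILED_LOGIN_ATTEMPTS; a misspelt
--    name silently returns no rows.)
SELECT limit
FROM dba_profiles
WHERE profile = 'DEFAULT'
  AND resource_name = 'FAILED_LOGIN_ATTEMPTS';

-- 4. How long an account stays locked after reaching the threshold (days).
SELECT limit
FROM dba_profiles
WHERE profile = 'DEFAULT'
  AND resource_name = 'PASSWORD_LOCK_TIME';

-- 5. Idle-session timeout (minutes). IDLE_TIME is a kernel resource limit and
--    is only enforced when RESOURCE_LIMIT is TRUE, so check both.
--    Checks 3-5 cover the DEFAULT profile only; repeat them for any other
--    profile that check 1 shows assigned to a user.
SELECT limit
FROM dba_profiles
WHERE profile = 'DEFAULT'
  AND resource_name = 'IDLE_TIME';
SHOW PARAMETER resource_limit;

-- 6. Highest-privilege review.
--    The original query lists object privileges granted TO SYS. That does not
--    show which accounts hold SYS-level power, which was the stated goal, so
--    two supplementary queries follow it.
SELECT *
FROM dba_tab_privs
WHERE grantee = 'SYS'
ORDER BY owner, table_name, privilege;

--    Grantees of the DBA role.
SELECT
    grantee,
    admin_option
FROM dba_role_privs
WHERE granted_role = 'DBA'
ORDER BY grantee;

--    Accounts in the password file with SYSDBA / SYSOPER.
SELECT
    username,
    sysdba,
    sysoper
FROM v$pwfile_users
ORDER BY username;

-- 7. Roles granted to PUBLIC. Every account inherits whatever PUBLIC holds,
--    so any row returned here is a finding.
SELECT granted_role
FROM dba_role_privs
WHERE grantee = 'PUBLIC';

-- 8. Data-dictionary protection: FALSE is the compliant value.
--    NOTE(review): newer releases may no longer expose this parameter;
--    confirm against the version under audit.
SHOW PARAMETER O7_DICTIONARY_ACCESSIBILITY;

-- 9. Standard auditing switch. The source states DB as the default value;
--    NONE means standard auditing is off. This parameter does not describe
--    unified audit policies, which need a separate check where they are used.
SHOW PARAMETER audit_trail;

-- 10. Which statements and system privileges are actually being audited.
--     Empty results mean no statement or privilege audit options are set,
--     even if audit_trail is enabled.
SELECT * FROM dba_stmt_audit_opts;
SELECT * FROM dba_priv_audit_opts;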
