An error occurred:

Oracle Database 19c STIG Version Comparison

Oracle Database 19c Security Technical Implementation Guide

Comparison

There are 12 differences between versions v1 r1 (Jan. 28, 2025) (the "left" version) and v1 r2 (July 2, 2025) (the "right" version).

Check O19C-00-020500 was added to the benchmark in the "right" version.

This check's original form is available here.

Text Differences

Title

A minimum of three Oracle Control Files must be created and each stored on a separate physical and logical device.

Check Content

Use the SQL statement below to obtain information on each currently existing Control File: SELECT name FROM sys.v$controlfile ORDER BY 1; Oracle Best Practice: Oracle recommends a minimum of three Oracle Control Files and each stored on a separate physical and logical device (RAID 1 + 0). DOD guidance recommends: Each control file must be located on a separate physical and logical (virtual) storage device. Consult with the storage administrator, system administrator, or database administrator to determine whether the mount points or partitions referenced in the file paths indicate separate physical disks or directories on RAID devices. Note: Distinct does not equal dedicated. May share directory space with other Oracle database instances if present. If the minimum of three control files is not met, this is a finding.

Discussion

Oracle control files store information critical to Oracle database integrity. Oracle uses these files to maintain time synchronization of database files and verify the validity of system data and log files at system startup. Loss of access to the control files can affect database availability, integrity, and recovery. Oracle Pluggable Databases (PDBs) do not contain their own control files; instead, all PDBs within a Container Database (CDB) share control files managed by the CDB.

Fix

To prevent loss of service during disk failure, multiple copies of Oracle control files must be maintained on separate disks in archived directories or on separate, archived directories within one or more RAID devices. Adding or moving a control file requires careful planning and execution. Consult and follow the instructions for creating control files in the Oracle Database Administrator's Guide, under Steps for Creating New Control Files.