Fortinet FortiDB History of Privilege Changes Report HPC, Cobit Objectives and Setup Requirements

Page 46

History of Privilege Changes Report (HPC)

SOX Report Specifics

SOX Report Specifics

This section lists the COBIT objectives and descriptions, the FortiDB MA module-setup requirements, and individual-column detail for each report in this release.

History of Privilege Changes Report (HPC)

HPC Report Sample

COBIT Objectives and Setup Requirements

Objective

 

FortiDB MA Module

Number(s)

Objective Description

Setup Requirement

 

 

 

AI2.4, DS3.5,

Changes to escalate or reduce database-user

PM: using the Audit data

DS5.3, DS5.4

access privileges are tracked for review on a

retrieval method

 

quarterly basis by the IT manager and the

 

 

application business manager.

 

 

 

 

Report Body Columns

The following columns are displayed in the report body:

Column

Description

 

 

User ID

The ID of the database user that initiated the privilege change.

 

 

Grantee

The name of the user for whom privileges were changed.

 

 

Action

The type of action successfully enacted by a non-application user account.

 

Actions include UPDATE, INSERT, and GRANT.

 

 

Target

The object on which the privileges were changed.

 

 

Sys Privilege

The type of system privilege GRANTed to, or REVOKEd from, the grantee.

 

 

Obj Privilege

The type of object privilege GRANTed to, or REVOKEd from, the grantee.

 

 

Time Stamp

The exact time the flagged activity was conducted.

 

 

 

FortiDB Version 3.2 Utilities User Guide

44

15-32000-81369-20081219

Image 46
Contents Utilities User Guide FortiDB Utilities User Guide TrademarksTable of Contents Index FortiDB MA Utilities Auto Discovery Selecting Addresses for Auto-DiscoverySelecting Non-Standard Ports for Auto-Discovery Results from Auto-DiscoveryMS-SQL Discovered Database Information Populating Connection FormMS-SQL Connection Summary Connection Summary Button Connection Summary OutputRule Chaining Setting Screen Rule ChainingRule Chaining Chaining with Parameterized User-Defined Rules Parameterized User-Defined Rule Flow Diagram General Pudr StepsDisabled Parameter Checkboxes Validating the Pudr before SavingItem Setting for Session Policy Example of Chaining to a PL/SQL-based PudrPolicy Settings for Suspicious Login Time Immediate Chained-Rule Alerts UBM Session Policy and Pudr Table Columns That Could Appear in AlertsResulting Killed Session Multiple Source-Rule-Violation Behavior DB ExampleRule Chaining Setting a Timer-based Schedule Setting a Report ScheduleAlert Report Manager Setting a Timer-Based Schedule Deleting a Previously Set Timer ScheduleSetting a Calendar-based Schedule Deleting a Timer ScheduleSetting a Calendar-Based Schedule Setting a Combined ScheduleSetting a Randomized Interval Setting a Randomized IntervalSpecifying Report Parameters Reporting by TimeEnabling Email Recipients ARM Reporting by Time ARM Reporting by Time Calendar Pop-upNew Report Setting Screen top New Reports MenuNew Report Setting Screen bottom Saved and Enabled Report Using the Select Checkbox to Affect Multiple ReportsStatus Menu Status Dialog Activating ARMRunning and Analyzing Reports View Reports Dropdown List on Current Reports ScreenChoosing Summary Report Action Current Report ConfigurationReport Summary Action Summary-Action Output TypesLimitation Report Detailed ActionReport Size Archiving Reports Scheduling Using This FeatureCustom Reports Custom ReportsTime-only Schedule Settings Daily Schedule Settings Monthly Schedule Settings Weekly Schedule SettingsCustomer and Company Information Company Information Dialog Report and Template Generation and ManagementCustom Reports Main Modifying Reports Adding ReportsAdding a Report Modifying a Report Deleting ReportsDeleting a Report Modifying Report Templates Report Result Generating ReportsTemplates Manager Modifying a Template Generated Html Report Example Report History Report HistoryReports radio button on the User Administration screen Licensing and AdministrationUser Administration for Custom Reports and SOX Reports Property Purpose Possible Values DefaultProperty Purpose Possible Values Default1 LimitationsSOX Compliance Reports SOX Reports within Custom Reports ManagerCommon Report Header Fields General Setup InstructionsReports and Acronyms Report Name AcronymReport Body Columns Cobit Objectives and Setup RequirementsHistory of Privilege Changes Report HPC HPC Report SampleAbnormal or Unauthorized Changes to Data Report AUC AUC Report SampleAbnormal Use of Service Accounts Report AUS AUS Report SampleAbnormal Termination of Database Activity Report ATD ATD Report SampleSettings Dialog for the EPA Report End of Period Adjustments Report EPAEPA Report Sample Case AssumptionsVerification of Audit Settings Report VAS VAS Report SampleArchiving Reports Licensing and AdministrationReport Size Verification of Audit Settings Report VAS Index