This appendix lists actions that need to be performed to create a secure system. The following is an example:
Install only what is required.
Lock and expire default user accounts.
Enforce password management.
Grant necessary privileges only.
Revoke unnecessary privileges from the PUBLIC user group.
Restrict permissions on run-time facilities.
Restrict network access.
Use a firewall.
Never poke a hole through a firewall.
Protect the Oracle listener.
Monitor listener activity.
Monitor who accesses your systems.
Check network IP addresses.