A User Assessment job generates a report that helps you identify users that pose a risk to your target database. The report includes four charts and a table.
This article has the following topics:
- User Risk: Shows the number of users who are
Critical Risk, High Risk, Medium Risk, and Low Risk.
- User Roles: Compares the number of users
DV Admin, and
- Last Password Change: Shows the number of
users who have changed their passwords in the last 30 days, the last 30-90 days,
and 90 days ago or more.
- Last Login: Shows the percentage of users
that signed in to the database within the last 24 hours, within the last week,
within the current month, within the current year, and a year ago or more.
The table is displayed below the charts and contains the following information about each user in a target database:
- User account name
- Target database name
- User type: Admin, Application, Privileged, Schema, or Non-privileged. A
user with one or more of the following administrative privileges is classified as an
SYSKM. A privileged user is a user who is granted system and object privileges that classify the user as High or Very High risk.
- A check mark if the user has the
DV Admin, or
- Risk level: Low, Medium, High, and Critical
- Status: OPEN, LOCKED, or EXPIRED & LOCKED
- Date/time when the user last logged into the target database
- Time duration since the user was created, for example, four months ago
- Authentication method used by the user, for example, PASSWORD or NONE
- Password profile used by the user, for example, DEFAULT
- Date/time when the user's password was last changed
- Link to the user's audit records
The following is an example table in a User Assessment report.