STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: The system must log successful and unsuccessful access to the root account.

DISA Rule

SV-12481r2_rule

Vulnerability Number

V-11980

Group Title

GEN001060

Rule Version

GEN001060

Severity

CAT II

CCI(s)

• CCI-000126 - The organization determines that the organization-defined subset of the auditable events defined in AU-2 are to be audited within the information system.

Weight

10

Fix Recommendation

Troubleshoot the system logging configuration to provide for logging of root account login attempts.

Check Contents

Verify the system logs successful and unsuccessful access to the root account. If it does not, this is a finding.

Vulnerability Number

V-11980

Documentable

False

Rule Version

GEN001060

Severity Override Guidance

Verify the system logs successful and unsuccessful access to the root account. If it does not, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

1386

Comments