STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must generate audit records when concurrent logons from different workstations and systems occur.

DISA Rule

SV-233266r599685_rule

Vulnerability Number

V-233266

Group Title

SRG-APP-000506

Rule Version

SRG-APP-000506-CTR-001290

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the container platform to generate audit log for concurrent logins from multiple workstations and systems. Revise all applicable system documentation.

Check Contents

Review the container platform configuration for audit logon events.

Ensure audit policy for concurrent logons from different workstations and systems is enabled.

Verify events are written to the log.

Validate system documentation is current.

If concurrent logons from different workstations and systems do not generate log records, this is a finding.

Vulnerability Number

V-233266

Documentable

False

Rule Version

SRG-APP-000506-CTR-001290

Severity Override Guidance

Review the container platform configuration for audit logon events.

Ensure audit policy for concurrent logons from different workstations and systems is enabled.

Verify events are written to the log.

Validate system documentation is current.

If concurrent logons from different workstations and systems do not generate log records, this is a finding.

Check Content Reference

M

Target Key

5239

Comments