STIGQter STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019:

The level of audit has not been established or the audit logs being collected for the devices and print spoolers are not being reviewed.

DISA Rule

SV-7024r2_rule

Vulnerability Number

V-6799

Group Title

MFD Level of Audit and Reviewing

Rule Version

MFD06.006

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Define the level of auditing and identify personnel responsible for reviewing audit logs of MFDs, printers, and print spoolers.

Check Contents

Obtain and review the organization's MFD and printer security policy. If the level of auditing has not been established, this is a finding. If personnel have not been identified to regularly review MFD, printer, and print spooler logs, this is a finding.

Vulnerability Number

V-6799

Documentable

False

Rule Version

MFD06.006

Severity Override Guidance

Obtain and review the organization's MFD and printer security policy. If the level of auditing has not been established, this is a finding. If personnel have not been identified to regularly review MFD, printer, and print spooler logs, this is a finding.

Check Content Reference

I

Responsibility

Information Assurance Officer

Target Key

551

Comments