STIGQter: STIG Summary: General Purpose Operating System SRG Version: 1 Release: 6 Benchmark Date: 26 Jul 2019: STIGQter: STIG Summary: General Purpose Operating System SRG Version: 1 Release: 6 Benchmark Date: 26 Jul 2019:SV-70937r1_rule
V-56677
SRG-OS-000062-GPOS-00031
SRG-OS-000062-GPOS-00031
CAT II
10
Configure the operating system to provide audit record generation capability for DoD-defined auditable events for all operating system components.
DoD has defined the list of events for which the operating system will provide an audit record generation capability as the following:
1) Successful and unsuccessful attempts to access, modify, or delete privileges, security objects, security levels, or categories of information (e.g., classification levels);
2) Access actions, such as successful and unsuccessful logon attempts, privileged activities or other system-level access, starting and ending time for user access to the system, concurrent logons from different workstations, successful and unsuccessful accesses to objects, all program initiations, and all direct access to the information system;
3) All account creations, modifications, disabling, and terminations; and
4) All kernel module load, unload, and restart actions.
Verify the operating system provides audit record generation capability for DoD-defined auditable events for all operating system components.
DoD has defined the list of events for which the operating system will provide an audit record generation capability as the following:
1) Successful and unsuccessful attempts to access, modify, or delete privileges, security objects, security levels, or categories of information (e.g., classification levels);
2) Access actions, such as successful and unsuccessful logon attempts, privileged activities or other system-level access, starting and ending time for user access to the system, concurrent logons from different workstations, successful and unsuccessful accesses to objects, all program initiations, and all direct access to the information system;
3) All account creations, modifications, disabling, and terminations; and
4) All kernel module load, unload, and restart actions.
If it does not, this is a finding.
V-56677
False
SRG-OS-000062-GPOS-00031
Verify the operating system provides audit record generation capability for DoD-defined auditable events for all operating system components.
DoD has defined the list of events for which the operating system will provide an audit record generation capability as the following:
1) Successful and unsuccessful attempts to access, modify, or delete privileges, security objects, security levels, or categories of information (e.g., classification levels);
2) Access actions, such as successful and unsuccessful logon attempts, privileged activities or other system-level access, starting and ending time for user access to the system, concurrent logons from different workstations, successful and unsuccessful accesses to objects, all program initiations, and all direct access to the information system;
3) All account creations, modifications, disabling, and terminations; and
4) All kernel module load, unload, and restart actions.
If it does not, this is a finding.
M
2739