STIGQter: STIG Summary: General Purpose Operating System SRG Version: 1 Release: 6 Benchmark Date: 26 Jul 2019:

The operating system must enforce dual authorization for movement and/or deletion of all audit information, when such movement or deletion is not part of an authorized automatic process.

DISA Rule

SV-71445r1_rule

Vulnerability Number

V-57185

Group Title

SRG-OS-000360-GPOS-00147

Rule Version

SRG-OS-000360-GPOS-00147

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-001896 - The organization enforces dual authorization for movement and/or deletion of organization-defined audit information.

Weight

10

Fix Recommendation

Configure the operating system to enforce dual authorization for movement and/or deletion of all audit information, when such movement or deletion is not part of an authorized automatic process.

Check Contents

Verify the operating system enforces dual authorization for movement and/or deletion of all audit information, when such movement or deletion is not part of an authorized automatic process. If it does not, this is a finding.

Vulnerability Number

V-57185

Documentable

False

Rule Version

SRG-OS-000360-GPOS-00147

Severity Override Guidance

Verify the operating system enforces dual authorization for movement and/or deletion of all audit information, when such movement or deletion is not part of an authorized automatic process. If it does not, this is a finding.

Check Content Reference

M

Target Key

2739

Comments