STIGQter STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016: Trend Deep Security must automatically audit account disabling actions.

DISA Rule

SV-80355r1_rule

Vulnerability Number

V-65865

Group Title

SRG-APP-000028

Rule Version

TMDS-00-000030

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to automatically audit account disabling actions.

Enable "User Locked Out" events by selecting the following:

Administration >> System Settings >> System Events >> Enable Event ID 603 User Locked Out.

Select: Record
Select: Forward

Check Contents

Review the Trend Deep Security server configuration to ensure account disabling actions are automatically audited.

Verify "User Locked Out" events are enabled by reviewing the following:

Administration >> System Settings >> System Events >> Enable Event ID 603 User Locked Out.

Select: Record
Select: Forward

If "User Locked Out" is not enabled this is a finding.

Vulnerability Number

V-65865

Documentable

False

Rule Version

TMDS-00-000030

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure account disabling actions are automatically audited.

Verify "User Locked Out" events are enabled by reviewing the following:

Administration >> System Settings >> System Events >> Enable Event ID 603 User Locked Out.

Select: Record
Select: Forward

If "User Locked Out" is not enabled this is a finding.

Check Content Reference

M

Target Key

2955

Comments