STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must initiate session auditing upon startup.

DISA Rule

SV-80371r1_rule

Vulnerability Number

V-65881

Group Title

SRG-APP-000092

Rule Version

TMDS-00-000075

Severity

CAT II

CCI(s)

• CCI-001464 - The information system initiates session audits at system start-up.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to initiate session auditing upon startup.

Go to Administration >> System Settings >> System Events, and set the following settings to “Record.”
600 User Signed In
601 User Signed Out
602 User Timed Out
603 User Locked Out
608 User Session Validation Failed
610 User Session Validated

Check Contents

Review the Trend Deep Security server to ensure session auditing upon startup is initiated.

Verify the following events within the Administration >> System Settings >> System Events, are set to “Record.”
600 User Signed In
601 User Signed Out
602 User Timed Out
603 User Locked Out
608 User Session Validation Failed
610 User Session Validated

If these settings are not set to “Record”, this is a finding.

Vulnerability Number

V-65881

Documentable

False

Rule Version

TMDS-00-000075

Severity Override Guidance

Review the Trend Deep Security server to ensure session auditing upon startup is initiated.

Verify the following events within the Administration >> System Settings >> System Events, are set to “Record.”
600 User Signed In
601 User Signed Out
602 User Timed Out
603 User Locked Out
608 User Session Validation Failed
610 User Session Validated

If these settings are not set to “Record”, this is a finding.

Check Content Reference

M

Target Key

2955

Comments