STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must generate audit records for all account creations, modifications, disabling, and termination events.

DISA Rule

SV-80523r1_rule

Vulnerability Number

V-66033

Group Title

SRG-APP-000509

Rule Version

TMDS-00-000400

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to generate audit records for all account creations, modifications, disabling, and termination events.

Enable the necessary setting required for audit by selecting “Record” and “Forward” within the Administration >> System Settings >> System Events, system settings.

Check Contents

Review the Trend Deep Security server to ensure audit records are generated for all account creations, modifications, disabling, and termination events.

Verify all creations, modifications, disabling, and termination events identified within the Trend Deep Security System Events are set to “Record” and “Forward”.

If the events are not set to “Record” and “Forward”, this is a finding.

Vulnerability Number

V-66033

Documentable

False

Rule Version

TMDS-00-000400

Severity Override Guidance

Review the Trend Deep Security server to ensure audit records are generated for all account creations, modifications, disabling, and termination events.

Verify all creations, modifications, disabling, and termination events identified within the Trend Deep Security System Events are set to “Record” and “Forward”.

If the events are not set to “Record” and “Forward”, this is a finding.

Check Content Reference

M

Target Key

2955

Comments