STIGQter: STIG Summary: A10 Networks ADC NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 15 Apr 2016:

The A10 Networks ADC must have command auditing enabled.

DISA Rule

SV-82531r1_rule

Vulnerability Number

V-68041

Group Title

SRG-APP-000101-NDM-000231

Rule Version

AADC-NM-000032

Severity

CAT III

CCI(s)

• CCI-000135 - The information system generates audit records containing the organization-defined additional, more detailed information that is to be included in the audit records.

Weight

10

Fix Recommendation

The following command enables command auditing:
audit enable privilege

The privilege option enables logging of Privileged EXEC commands also. Without this option, only configuration commands are logged. Use this option.

Check Contents

Review the device configuration.

The following command displays the configuration and includes an output modifier to filter on the word "audit":
show run | inc audit

If the output does not include "audit enable privilege", this is a finding.

Vulnerability Number

V-68041

Documentable

False

Rule Version

AADC-NM-000032

Severity Override Guidance

Review the device configuration.

The following command displays the configuration and includes an output modifier to filter on the word "audit":
show run | inc audit

If the output does not include "audit enable privilege", this is a finding.

Check Content Reference

M

Target Key

2915

Comments