STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

Dynamic Host Configuration Protocol (DHCP) audit and event logs must record hostnames and MAC addresses to be stored online for thirty days and offline for one year.

DISA Rule

SV-8585r3_rule

Vulnerability Number

V-8099

Group Title

DHCP audit and event logs and info collected.

Rule Version

NET0198

Severity

CAT III

CCI(s)

• CCI-001902 - The information system provides the means for authorized individuals to determine the identity of the producer of the information.

Weight

10

Fix Recommendation

Configure the DHCP audit and event logs to log hostname and MAC addresses.

Store the logs for a minimum of thirty days online and then offline for one year.

Check Contents

Verify the DHCP audit and event logs include hostnames and MAC addresses of all clients. Also, validate logs are kept online for thirty days and offline for one year.

If the logs do not include hostnames and MAC addresses or if the logs are not kept online for thirty days and offline for one year, this is a finding.

Vulnerability Number

V-8099

Documentable

False

Rule Version

NET0198

Severity Override Guidance

Verify the DHCP audit and event logs include hostnames and MAC addresses of all clients. Also, validate logs are kept online for thirty days and offline for one year.

If the logs do not include hostnames and MAC addresses or if the logs are not kept online for thirty days and offline for one year, this is a finding.

Check Content Reference

M

Target Key

838

Comments