STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

AAA Services must be configured to audit each authentication and authorization transaction.

DISA Rule

SV-95599r1_rule

Vulnerability Number

V-80889

Group Title

SRG-APP-000089-AAA-000380

Rule Version

SRG-APP-000089-AAA-000380

Severity

CAT II

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

10

Fix Recommendation

Configure AAA Services to audit each authentication and authorization transaction.

Check Contents

Verify AAA Services are configured to audit each authentication and authorization transaction.

If AAA Services are not configured to audit each authentication and authorization transaction, this is a finding.

Vulnerability Number

V-80889

Documentable

False

Rule Version

SRG-APP-000089-AAA-000380

Severity Override Guidance

Verify AAA Services are configured to audit each authentication and authorization transaction.

If AAA Services are not configured to audit each authentication and authorization transaction, this is a finding.

Check Content Reference

M

Target Key

3357

Comments