STIGQter STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

The Central Log Server must be configured to protect the data sent from hosts and devices from being altered in a way that may prevent the attribution of an action to an individual (or process acting on behalf of an individual).

DISA Rule

SV-95819r1_rule

Vulnerability Number

V-81105

Group Title

SRG-APP-000080-AU-000010

Rule Version

SRG-APP-000080-AU-000010

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Central Log Server to use a hash or other method that protects the data against alteration of the log information sent from hosts and devices.

Configure the Central Log Server to not allow alterations to the machine data.

Check Contents

Examine the configuration.

Verify the system is configured with a hash or other method that protects the data against alteration of the log information sent from hosts and devices.

Verify the Central Log Server is configured to log all changes to the machine data.

If the Central Log Server is not configured to protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation, this is a finding.

Vulnerability Number

V-81105

Documentable

False

Rule Version

SRG-APP-000080-AU-000010

Severity Override Guidance

Examine the configuration.

Verify the system is configured with a hash or other method that protects the data against alteration of the log information sent from hosts and devices.

Verify the Central Log Server is configured to log all changes to the machine data.

If the Central Log Server is not configured to protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation, this is a finding.

Check Content Reference

M

Target Key

3395

Comments