CCI-001814
The Information system supports auditing of the enforcement actions.
4 rules found Severity: Medium
4 rules found Severity: Medium
The DBN-6300 must audit the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Medium
The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.
1 rule found Severity: Medium
The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set.
1 rule found Severity: Medium
An appropriate Docker Engine - Enterprise log driver plugin must be configured to collect audit events from Universal Control Plane (UCP) and Docker Trusted Registry (DTR).
1 rule found Severity: Medium
The DataPower Gateway must audit the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Medium
DB2 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of DB2 or database(s).
1 rule found Severity: Medium
1 rule found Severity: Medium
SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s).
1 rule found Severity: Medium
Riverbed Optimization System (RiOS) must generate a log event for the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Medium
The access to the Tanium SQL database must be restricted. Only the designated database administrator(s) can have elevated privileges to the Tanium SQL database.
3 rules found Severity: Medium
The Tanium Server installers account SQL database permissions must be reduced from sysadmin to db_owner.
1 rule found Severity: Medium
1 rule found Severity: Medium
The macOS system must audit the enforcement actions used to restrict access associated with changes to the system.
2 rules found Severity: Medium
The Ubuntu operating system must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DoD-defined auditable events and actions in near real time.
1 rule found Severity: Medium
MongoDB must provide audit record generation for DoD-defined auditable events within all DBMS/database components.
2 rules found Severity: Medium
PostgreSQL must produce audit records of its enforcement of access restrictions associated with changes to the configuration of PostgreSQL or database(s).
3 rules found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not permit Generic Security Service Application Program Interface (GSSAPI) authentication unless needed.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not permit Kerberos authentication unless needed.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must not have the Trivial File Transfer Protocol (TFTP) server package installed if not required for operational support.
1 rule found Severity: High
1 rule found Severity: Medium
The BIG-IP appliance must be configured to audit the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Medium
The EDB Postgres Advanced Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s).
1 rule found Severity: Medium
The F5 BIG-IP appliance must be configured to audit the execution of privileged functions such as accounts additions and changes.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
MarkLogic Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s).
1 rule found Severity: Medium
1 rule found Severity: Medium
MongoDB must provide audit record generation for DOD-defined auditable events within all DBMS/database components.
1 rule found Severity: Medium
Azure SQL Database must produce audit records of its enforcement of access restrictions associated with changes to the configuration of Azure SQL Database(s).
1 rule found Severity: Medium
4 rules found Severity: Medium
4 rules found Severity: Medium
The Oracle Linux operating system must be configured so that auditing is configured to produce records containing information to establish what type of events occurred, where the events occurred, the source of the events, and the outcome of the events. These audit records must also identify individual identities of group account users.
1 rule found Severity: Medium
The MySQL Database Server 8.0 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the MySQL Database Server 8.0 or database(s).
1 rule found Severity: Medium
The Riverbed NetProfiler must be configured to automatically generate DOD-required audit records with sufficient information to support incident reporting to a central log server.
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
The TippingPoint SMS must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO).
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions in near real time.
1 rule found Severity: Medium
Forescout must audit the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Low
MariaDB must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s).
1 rule found Severity: Medium
SQL Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of SQL Server or database(s).
1 rule found Severity: Medium
OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
1 rule found Severity: Medium
1 rule found Severity: Medium
2 rules found Severity: Low
Rancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.
1 rule found Severity: High