Capacity
CCI-001880
Provide a report generation capability that supports after-the-fact investigations of security incidents.
29
Rule
Severity: Medium
Ensure the audit Subsystem is Installed
30
Rule
Severity: Medium
Enable auditd Service
3
Rule
Severity: Medium
Ensure the audit-libs package as a part of audit Subsystem is Installed
15
Rule
Severity: Medium
Record Events When Privileged Executables Are Run
2
Rule
Severity: Medium
Ensure the libaudit1 package as a part of audit Subsystem is Installed
2
Rule
Severity: Medium
The application must provide a report generation capability that supports after-the-fact investigations of security incidents.
2
Rule
Severity: Low
The Central Log Server must be configured to generate reports that support after-the-fact investigations of security incidents.
2
Rule
Severity: Medium
The Mainframe Product must provide a report generation capability that supports after-the-fact investigations of security incidents.
1
Rule
Severity: Medium
Nutanix AOS must provide the capability to centrally review and analyze audit records from multiple components within the system.
1
Rule
Severity: Medium
The macOS system must enable System Integrity Protection.
3
Rule
Severity: High
The macOS system must enable System Integrity Protection.
3
Rule
Severity: Medium
The Ubuntu operating system must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DoD-defined auditable events and actions in near real time.
2
Rule
Severity: Low
The operating system must provide a report generation capability that supports after-the-fact investigations of security incidents.
2
Rule
Severity: Medium
AIX must provide a report generation function that supports on-demand audit review and analysis, on-demand reporting requirements, and after-the-fact investigations of security incidents.
2
Rule
Severity: Medium
OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
4
Rule
Severity: Medium
The SUSE operating system must have the auditing package installed.
4
Rule
Severity: Low
The SUSE operating system must generate audit records for all uses of the privileged functions.
2
Rule
Severity: Medium
RHEL 9 audit package must be installed.
2
Rule
Severity: Medium
RHEL 9 audit service must be enabled.
4
Rule
Severity: Medium
The audit system records must be able to be used by a report generation capability.
2
Rule
Severity: Medium
The VMM must provide a report generation capability that supports after-the-fact investigations of security incidents.
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must have the "auditd" package installed.
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions in near real time.
1
Rule
Severity: Medium
The OL 8 audit package must be installed.
1
Rule
Severity: Medium
SLEM 5 must have the auditing package installed.
1
Rule
Severity: Medium
SLEM 5 must generate audit records for all uses of privileged functions.