Skip to content
Log In

CCI-001880

Provide a report generation capability that supports after-the-fact investigations of security incidents.

Ensure the audit Subsystem is Installed

34 rules found Severity: Medium

Logo

Enable auditd Service

36 rules found Severity: Medium

Logo

Ensure the audit-libs package as a part of audit Subsystem is Installed

7 rules found Severity: Medium

Logo

Record Events When Privileged Executables Are Run

4 rules found Severity: Medium

Logo

Ensure the libaudit1 package as a part of audit Subsystem is Installed

2 rules found Severity: Medium

Logo

Nutanix AOS must provide the capability to centrally review and analyze audit records from multiple components within the system.

1 rule found Severity: Medium

Logo

The macOS system must enable System Integrity Protection.

1 rule found Severity: Medium

Logo

The Ubuntu operating system must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DoD-defined auditable events and actions in near real time.

2 rules found Severity: Medium

Logo

The macOS system must enable System Integrity Protection.

1 rule found Severity: High

Logo

AIX must provide a report generation function that supports on-demand audit review and analysis, on-demand reporting requirements, and after-the-fact investigations of security incidents.

1 rule found Severity: Medium

Logo

SLEM 5 must have the auditing package installed.

1 rule found Severity: Medium

Logo

SLEM 5 must generate audit records for all uses of privileged functions.

1 rule found Severity: Medium

Logo

NixOS must enable the audit daemon.

1 rule found Severity: Medium

Logo

The application must provide a report generation capability that supports after-the-fact investigations of security incidents.

1 rule found Severity: Medium

Logo

Ubuntu 22.04 LTS must have the "auditd" package installed.

1 rule found Severity: Medium

Logo

Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions in near real time.

1 rule found Severity: Medium

Logo

The Central Log Server must be configured to generate reports that support after-the-fact investigations of security incidents.

1 rule found Severity: Low

Logo

The audit package must be installed on AlmaLinux OS 9.

1 rule found Severity: Medium

Logo

The auditd service must be enabled on AlmaLinux OS 9.

1 rule found Severity: Medium

Logo

The operating system must provide a report generation capability that supports after-the-fact investigations of security incidents.

1 rule found Severity: Low

Logo

The Mainframe Product must provide a report generation capability that supports after-the-fact investigations of security incidents.

1 rule found Severity: Medium

Logo

The OL 8 audit package must be installed.

1 rule found Severity: Medium

Logo

OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.

1 rule found Severity: Medium

Logo

RHEL 9 audit package must be installed.

1 rule found Severity: Medium

Logo

RHEL 9 audit service must be enabled.

1 rule found Severity: Medium

Logo

The SUSE operating system must have the auditing package installed.

2 rules found Severity: Medium

Logo

The SUSE operating system must generate audit records for all uses of the privileged functions.

2 rules found Severity: Low

Logo

The audit system records must be able to be used by a report generation capability.

2 rules found Severity: Medium

Logo

The VMM must provide a report generation capability that supports after-the-fact investigations of security incidents.

1 rule found Severity: Medium

Logo