CCI-003938
Automatically generate audit records of the enforcement actions.
PostgreSQL must produce audit records of its enforcement of access restrictions associated with changes to the configuration of PostgreSQL or database(s).
1 rule found Severity: Medium
1 rule found Severity: Medium
The EDB Postgres Advanced Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s).
1 rule found Severity: Medium
1 rule found Severity: Medium
The ICS must be configured to audit the execution of privileged functions such as accounts additions and changes.
1 rule found Severity: Medium
1 rule found Severity: Medium
MarkLogic Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s).
1 rule found Severity: Medium
Azure SQL Database must produce audit records of its enforcement of access restrictions associated with changes to the configuration of Azure SQL Database(s).
1 rule found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
The network device must audit the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Medium
The Oracle Linux operating system must be configured so that auditing is configured to produce records containing information to establish what type of events occurred, where the events occurred, the source of the events, and the outcome of the events. These audit records must also identify individual identities of group account users.
1 rule found Severity: Medium
The MySQL Database Server 8.0 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the MySQL Database Server 8.0 or database(s).
1 rule found Severity: Medium
The Riverbed NetProfiler must be configured to automatically generate DOD-required audit records with sufficient information to support incident reporting to a central log server.
1 rule found Severity: High
The SDN controller must be configured to audit the enforcement actions used to restrict access associated with changes to any application within the SDN framework.
1 rule found Severity: Medium
The access to the Tanium SQL database must be restricted. Only the designated database administrator(s) can have elevated privileges to the Tanium SQL database.
1 rule found Severity: Medium
1 rule found Severity: Medium
The TippingPoint SMS must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO).
1 rule found Severity: High
TOSS audit records must contain information to establish what type of events occurred, when the events occurred, the source of events, where events occurred, and the outcome of events.
1 rule found Severity: Medium
1 rule found Severity: Medium
3 rules found Severity: Medium
2 rules found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
The application server must log the enforcement actions used to restrict access associated with changes to the application server.
1 rule found Severity: Medium
1 rule found Severity: Medium
Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions in near real time.
1 rule found Severity: Medium
1 rule found Severity: Medium
The container platform must enforce access restrictions and support auditing of the enforcement actions.
1 rule found Severity: Medium
The DBMS must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s).
1 rule found Severity: Medium
Forescout must audit the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Low
The operating system must audit the enforcement actions used to restrict access associated with changes to the system.
1 rule found Severity: Medium
The HYCU virtual appliance must audit the enforcement actions used to restrict access associated with changes to the device.
1 rule found Severity: Medium
MariaDB must produce audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s).
1 rule found Severity: Medium
The Mainframe Product must audit the enforcement actions used to restrict access associated with changes to the application.
1 rule found Severity: Medium
SQL Server must produce audit records of its enforcement of access restrictions associated with changes to the configuration of SQL Server or database(s).
1 rule found Severity: Medium
OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
1 rule found Severity: Medium
Rancher RKE2 components must be configured in accordance with the security configuration settings based on DOD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs.
1 rule found Severity: Medium
1 rule found Severity: Medium
2 rules found Severity: Low
The UEM server must audit the enforcement actions used to restrict access associated with changes to the application.
1 rule found Severity: Medium
The VMM must audit the enforcement actions used to restrict access associated with changes to the system.
1 rule found Severity: Medium
CL/SuperSession must be properly configured to generate SMF records for audit trail and accounting reports.
3 rules found Severity: Medium
Rancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.
1 rule found Severity: High