SRG-OS-000254-GPOS-00095

The operating system must initiate session audits at system start-up.

Details
Associations

Canonical Source

SV-203670r991555_rule ( from General Purpose Operating System Security Requirements Guide )

Description

If auditing is enabled late in the start-up process, the actions of some start-up processes may not be audited. Some audit systems also maintain state information only available if auditing is enabled before a given process is created.