The Red Hat Enterprise Linux operating system must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited.

An XCCDF Rule

Details
Profiles

Description

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224

ID: SV-204510r877390_rule
Version: RHEL-07-030310
Severity: Medium
References: CCI-001851
Updated: 5 days ago

Remediation Templates

Configure the operating system to encrypt the transfer of off-loaded audit records onto a different system or media from the system being audited.

Uncomment the "enable_krb5" option in "/etc/audisp/audisp-remote.conf" and set it with the following line:

enable_krb5 = yes

The Red Hat Enterprise Linux operating system must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited.

Description

Remediation Templates

A Manual Procedure