The application must generate audit records showing starting and ending time for user access to the system.
An XCCDF Rule
Description
<VulnDiscussion>Knowing when a user’s application session began and when it ended is critical information that aids in forensic analysis.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-222464r879876_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the application or application server to record the start and end time of user session activity.