Skip to content

The application must generate audit records for all account creations, modifications, disabling, and termination events.

An XCCDF Rule

Description

<VulnDiscussion>When application user accounts are created, modified, disabled or terminated the event must be logged. Centralized management of user accounts allows for rapid response to user related security events and also provides ease of management. Allowing the centralized user management solution to log these events is acceptable practice; however, if the application provides a user management interface to manage these tasks, the application must also log these events. Application developers are encouraged to integrate their applications with enterprise-level authentication/access/audit mechanisms such as Syslog, Active Directory or LDAP.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-222467r918117_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the application to log user account creation, modification, disabling, and termination events.