STIGQter: STIG Summary: VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

tc Server ALL must use a logging mechanism that is configured to alert the ISSO and SA in the event of a processing failure.

DISA Rule

SV-100625r1_rule

Vulnerability Number

V-89975

Group Title

SRG-APP-000108-WSR-000166

Rule Version

VRAU-TC-000250

Severity

CAT II

CCI(s)

• CCI-000139 - The information system alerts designated organization-defined personnel or roles in the event of an audit processing failure.

Weight

10

Fix Recommendation

Configure the web server to provide an alert to the ISSO and SA when log processing failures occur.

If the web server cannot generate alerts, utilize an external logging system that meets this criterion.

Check Contents

Interview the ISSO.

Determine if log data and records are configured to alert the ISSO and SA in the event of processing failure.

If log data and records are not configured to alert the ISSO and SA in the event of processing failure, this is a finding.

Vulnerability Number

V-89975

Documentable

False

Rule Version

VRAU-TC-000250

Severity Override Guidance

Interview the ISSO.

Determine if log data and records are configured to alert the ISSO and SA in the event of processing failure.

If log data and records are not configured to alert the ISSO and SA in the event of processing failure, this is a finding.

Check Content Reference

M

Target Key

3439

Comments