STIGQter: STIG Summary: VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

tc Server ALL log files must be moved to a permanent repository in accordance with site policy.

DISA Rule

SV-100999r1_rule

Vulnerability Number

V-90349

Group Title

SRG-APP-000358-WSR-000163

Rule Version

VRAU-TC-000750

Severity

CAT II

CCI(s)

• CCI-001851 - The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Weight

10

Fix Recommendation

Develop and enforce a site procedure for moving log files periodically from the web server to a permanent repository in accordance with site retention policies.

Check Contents

Interview the ISSO.

Review the site policy for moving log files from the web server to a permanent repository. Ensure that log files are being moved from the web server in accordance with the site policy.

If the site does not have a policy for periodically moving log files to an archive repository or such policy is not being enforced, this is a finding.

Vulnerability Number

V-90349

Documentable

False

Rule Version

VRAU-TC-000750

Severity Override Guidance

Interview the ISSO.

Review the site policy for moving log files from the web server to a permanent repository. Ensure that log files are being moved from the web server in accordance with the site policy.

If the site does not have a policy for periodically moving log files to an archive repository or such policy is not being enforced, this is a finding.

Check Content Reference

M

Target Key

3439

Comments