STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway log must protect audit information from unauthorized modification when stored locally.

DISA Rule

SV-207202r608988_rule

Vulnerability Number

V-207202

Group Title

SRG-NET-000099

Rule Version

SRG-NET-000099-VPN-000380

Severity

CAT II

CCI(s)

• CCI-000163 - The information system protects audit information from unauthorized modification.

Weight

10

Fix Recommendation

Configure the VPN Gateway log to protect audit information from unauthorized modification when stored locally. The method used depends on system architecture and design. Examples: ensuring log files receive the proper file system permissions and limiting log data locations.

Check Contents

Verify the VPN Gateway log is configured to protect audit information from unauthorized modification when stored locally.

The VPN Gateway log must protect audit information from unauthorized modification when stored locally, this is a finding.

Vulnerability Number

V-207202

Documentable

False

Rule Version

SRG-NET-000099-VPN-000380

Severity Override Guidance

Verify the VPN Gateway log is configured to protect audit information from unauthorized modification when stored locally.

The VPN Gateway log must protect audit information from unauthorized modification when stored locally, this is a finding.

Check Content Reference

M

Target Key

2920

Comments