STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway must protect audit information from unauthorized deletion when stored locally.

DISA Rule

SV-207203r608988_rule

Vulnerability Number

V-207203

Group Title

SRG-NET-000100

Rule Version

SRG-NET-000100-VPN-000390

Severity

CAT II

CCI(s)

• CCI-000164 - The information system protects audit information from unauthorized deletion.

Weight

10

Fix Recommendation

Configure the VPN Gateway to protect audit information from unauthorized deletion when stored locally. Ensure log files receive the proper file system permissions and limiting log data locations.

Check Contents

Verify the VPN Gateway is configured to protect audit information from unauthorized deletion when stored locally.

If the VPN Gateway does not protect audit information from unauthorized deletion when stored locally, this is a finding.

Vulnerability Number

V-207203

Documentable

False

Rule Version

SRG-NET-000100-VPN-000390

Severity Override Guidance

Verify the VPN Gateway is configured to protect audit information from unauthorized deletion when stored locally.

If the VPN Gateway does not protect audit information from unauthorized deletion when stored locally, this is a finding.

Check Content Reference

M

Target Key

2920

Comments