SV-207278r615936_rule
V-207278
SRG-APP-000118
EX13-MB-000060
CAT II
10
Update the EDSP.
Restrict any unauthorized groups' or users' read access to the audit logs.
Review the Email Domain Security Plan (EDSP).
Determine the authorized groups or users that should have read access to the audit data.
If any group or user has read access to the audit data that is not documented in the EDSP, this is a finding.
V-207278
False
EX13-MB-000060
Review the Email Domain Security Plan (EDSP).
Determine the authorized groups or users that should have read access to the audit data.
If any group or user has read access to the audit data that is not documented in the EDSP, this is a finding.
M
2923