STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must generate audit records when successful/unsuccessful attempts to access privileges occur.

DISA Rule

SV-233040r599525_rule

Vulnerability Number

V-233040

Group Title

SRG-APP-000091

Rule Version

SRG-APP-000091-CTR-000160

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the container platform to generate audit records when successful/unsuccessful attempts are made to access privileges occur.

Check Contents

Review the container platform configuration to determine if it is configured to generate audit records when successful/unsuccessful attempts are made to access privileges.

If the container platform is not configured to generate audit records on successful/unsuccessful access to privileges, this is a finding.

Vulnerability Number

V-233040

Documentable

False

Rule Version

SRG-APP-000091-CTR-000160

Severity Override Guidance

Review the container platform configuration to determine if it is configured to generate audit records when successful/unsuccessful attempts are made to access privileges.

If the container platform is not configured to generate audit records on successful/unsuccessful access to privileges, this is a finding.

Check Content Reference

M

Target Key

5239

Comments