STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

All audit records must identify where in the container platform the event occurred.

DISA Rule

SV-233044r599533_rule

Vulnerability Number

V-233044

Group Title

SRG-APP-000097

Rule Version

SRG-APP-000097-CTR-000180

Severity

CAT II

CCI(s)

• CCI-000132 - The information system generates audit records containing information that establishes where the event occurred.

Weight

10

Fix Recommendation

Configure the container platform to generate audit records that identify where in the container platform the event occurred.

Check Contents

Review the container platform configuration to determine if all audit records identify where in the container platform the event occurred.

Generate audit records and view the audit records to verify that the records do identify where in the container platform the event occurred.

If the container platform is not configured to generate audit records that identify where in the container platform the event occurred, or if the generated audit records do not identify where in the container platform the event occurred, this is a finding.

Vulnerability Number

V-233044

Documentable

False

Rule Version

SRG-APP-000097-CTR-000180

Severity Override Guidance

Review the container platform configuration to determine if all audit records identify where in the container platform the event occurred.

Generate audit records and view the audit records to verify that the records do identify where in the container platform the event occurred.

If the container platform is not configured to generate audit records that identify where in the container platform the event occurred, or if the generated audit records do not identify where in the container platform the event occurred, this is a finding.

Check Content Reference

M

Target Key

5239

Comments