STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

All audit records must identify any containers associated with the event within the container platform.

DISA Rule

SV-233048r599541_rule

Vulnerability Number

V-233048

Group Title

SRG-APP-000100

Rule Version

SRG-APP-000100-CTR-000200

Severity

CAT II

CCI(s)

• CCI-001487 - The information system generates audit records containing information that establishes the identity of any individuals or subjects associated with the event.

Weight

10

Fix Recommendation

Configure the container platform to include the component information that generated the audit record.

Check Contents

Review the container platform configuration to determine if it is configured to generate audit records that contain the component information that generated the audit record.

Generate audit records and review the data to determine if records are generated containing the component information that generated the record.

If the container platform is not configured to generate audit records containing the component information or records are generated that do not contain the component information that generated the record, this is a finding.

Vulnerability Number

V-233048

Documentable

False

Rule Version

SRG-APP-000100-CTR-000200

Severity Override Guidance

Review the container platform configuration to determine if it is configured to generate audit records that contain the component information that generated the audit record.

Generate audit records and review the data to determine if records are generated containing the component information that generated the record.

If the container platform is not configured to generate audit records containing the component information or records are generated that do not contain the component information that generated the record, this is a finding.

Check Content Reference

M

Target Key

5239

Comments