STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must generate audit records when successful/unsuccessful logon attempts occur.

DISA Rule

SV-233263r599726_rule

Vulnerability Number

V-233263

Group Title

SRG-APP-000503

Rule Version

SRG-APP-000503-CTR-001275

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the container platform registry, keystore, and runtime to generate audit log for successful and unsuccessful logon for any all accounts and services. Revise all applicable system documentation.

Check Contents

Review the container platform configuration for audit logon events.

Ensure audit policy for successful and unsuccessful logon events are enabled.

Verify events are written to the log.

Validate system documentation is current.

If logon attempts do not generate log records, this is a finding.

Vulnerability Number

V-233263

Documentable

False

Rule Version

SRG-APP-000503-CTR-001275

Severity Override Guidance

Review the container platform configuration for audit logon events.

Ensure audit policy for successful and unsuccessful logon events are enabled.

Verify events are written to the log.

Validate system documentation is current.

If logon attempts do not generate log records, this is a finding.

Check Content Reference

M

Target Key

5239

Comments