STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019:

The level of audit has not been established or the audit logs being collected for the devices and print spoolers are not being reviewed.

DISA Rule

SV-7024r2_rule

Vulnerability Number

V-6799

Group Title

MFD Level of Audit and Reviewing

Rule Version

MFD06.006

Severity

CAT III

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Define the level of auditing and identify personnel responsible for reviewing audit logs of MFDs, printers, and print spoolers.

Check Contents

Obtain and review the organization's MFD and printer security policy. If the level of auditing has not been established, this is a finding. If personnel have not been identified to regularly review MFD, printer, and print spooler logs, this is a finding.

Vulnerability Number

V-6799

Documentable

False

Rule Version

MFD06.006

Severity Override Guidance

Check Content Reference

Responsibility

Information Assurance Officer

Target Key

551

The level of audit has not been established or the audit logs being collected for the devices and print spoolers are not being reviewed.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments