STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019:

Auditing of user access and fax logs must be enabled when fax from the network is enabled.

DISA Rule

SV-7028r2_rule

Vulnerability Number

V-6803

Group Title

MFD fax from network auditing

Rule Version

MFD07.004

Severity

CAT III

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Configure the MFD to audit faxing. If this is not possible, disable the fax functionality and disconnect the phone line from the MFD.

Check Contents

The reviewer will, with the assistance from the SA, verify auditing of user access and fax logging is enabled if fax from the network is enabled. If auditing of user access and fax logging is not enabled, this is a finding.

Vulnerability Number

V-6803

Documentable

False

Rule Version

MFD07.004

Severity Override Guidance

Check Content Reference

Responsibility

System Administrator

Target Key

551

Auditing of user access and fax logs must be enabled when fax from the network is enabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments