STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must automatically audit account creation.

DISA Rule

SV-80351r1_rule

Vulnerability Number

V-65861

Group Title

SRG-APP-000026

Rule Version

TMDS-00-000020

Severity

CAT II

CCI(s)

• CCI-000018 - The information system automatically audits account creation actions.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to automatically audit account creation.

Enable "User Created" events by selecting the following:

Administration >> System Settings >> System Events >> Enable Event ID 650 User Created.

Select: Record
Select: Forward

Check Contents

Review the Trend Deep Security server to ensure account creation is automatically audited.

Verify "User Created" events is enabled by reviewing the following:

Administration >> System Settings >> System Events >> Enable Event ID 650 User Created.

Select: Record
Select: Forward

If "User Created" is not enabled this is a finding.

Vulnerability Number

V-65861

Documentable

False

Rule Version

TMDS-00-000020

Severity Override Guidance

Review the Trend Deep Security server to ensure account creation is automatically audited.

Verify "User Created" events is enabled by reviewing the following:

Administration >> System Settings >> System Events >> Enable Event ID 650 User Created.

Select: Record
Select: Forward

If "User Created" is not enabled this is a finding.

Check Content Reference

M

Target Key

2955

Comments