STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must generate audit records when successful/unsuccessful logon attempts occur.

DISA Rule

SV-80515r1_rule

Vulnerability Number

V-66025

Group Title

SRG-APP-000503

Rule Version

TMDS-00-000380

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to generate audit records when successful/unsuccessful logon attempts occur.

Configure the alert using the Administration >> System Settings >> System Events for successful/unsuccessful for "User Signed In" (Event ID 600). Select “Record” and “Forward”.

Check Contents

Review the Trend Deep Security server configuration to ensure audit records are generated when successful/unsuccessful logon attempts occur.

Review the system using the Administration >> System Settings >> System Events for successful/unsuccessful attempts for "User Signed In" (Event ID 600).

If the options for “Record” and “Forward” are not enabled, this is a finding.

Vulnerability Number

V-66025

Documentable

False

Rule Version

TMDS-00-000380

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure audit records are generated when successful/unsuccessful logon attempts occur.

Review the system using the Administration >> System Settings >> System Events for successful/unsuccessful attempts for "User Signed In" (Event ID 600).

If the options for “Record” and “Forward” are not enabled, this is a finding.

Check Content Reference

M

Target Key

2955

Comments