STIGQter STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must generate audit records for privileged activities or other system-level access.

DISA Rule

SV-80517r1_rule

Vulnerability Number

V-66027

Group Title

SRG-APP-000504

Rule Version

TMDS-00-000385

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to generate audit records for privileged activities or other system-level access.

Enable the necessary privileged functions by selecting “Record” and “Forward” within the Administration >> System Settings >> System Events, system settings.

Check Contents

Review the Trend Deep Security server configuration to ensure audit records are generated for privileged activities or other system-level access.

Interview the ISSO for a list of functions identified as privileged within the application “System Events.” Privileged functions within the system events will include but are not limited to: Computer Created, Computer Deleted, User Added, etc.
Verify the list against the Administration >> System Settings >> System Events tab.

If the events are not set to “Record” and “Forward”, this is a finding.

Vulnerability Number

V-66027

Documentable

False

Rule Version

TMDS-00-000385

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure audit records are generated for privileged activities or other system-level access.

Interview the ISSO for a list of functions identified as privileged within the application “System Events.” Privileged functions within the system events will include but are not limited to: Computer Created, Computer Deleted, User Added, etc.
Verify the list against the Administration >> System Settings >> System Events tab.

If the events are not set to “Record” and “Forward”, this is a finding.

Check Content Reference

M

Target Key

2955

Comments