STIGQter: STIG Summary: CA API Gateway NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016:

The CA API Gateway must shut down by default upon audit failure (unless availability is an overriding concern).

DISA Rule

SV-86147r1_rule

Vulnerability Number

V-71523

Group Title

SRG-APP-000109-NDM-000233

Rule Version

CAGW-DM-000120

Severity

CAT II

CCI(s)

CCI-000140 - The information system takes organization-defined actions upon audit failure (e.g., shut down information system, overwrite oldest audit records, stop generating audit records).

Weight

Fix Recommendation

Configure the "auditd" configuration file "/etc/audit/auditd.conf" by adding these lines:

disk_full_action = HALT
disk_error_action = HALT

Check Contents

Verify the "/etc/audit/auditd.conf" file contains the lines:

disk_full_action = HALT
disk_error_action = HALT

If "/etc/audit/auditd.conf" does not contain these lines, this is a finding.

Vulnerability Number

V-71523

Documentable

False

Rule Version

CAGW-DM-000120

Severity Override Guidance

Verify the "/etc/audit/auditd.conf" file contains the lines:

disk_full_action = HALT
disk_error_action = HALT

If "/etc/audit/auditd.conf" does not contain these lines, this is a finding.

Check Content Reference

Target Key

3051

The CA API Gateway must shut down by default upon audit failure (unless availability is an overriding concern).

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments