STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The Cassandra Server must generate audit records when unsuccessful attempts to modify security objects occur.

DISA Rule

SV-87339r1_rule

Vulnerability Number

V-72707

Group Title

SRG-APP-000496-DB-000335

Rule Version

VROM-CS-000310

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the Cassandra Server to generate audit records when unsuccessful attempts to modify security objects occur.

Open console to the server, Cassandra DB is hosted at, and type: "find / | grep "logback.xml"". Open "logback.xml" file and set "level" parameter value under <root /> to "ALL".

Check Contents

Review the Cassandra Server configuration to ensure audit records are generated when unsuccessful attempts to modify security objects occur.

Open console to the server, Cassandra DB is hosted at, and type: "find / | grep "logback.xml"". Open "logback.xml" file and review "level" parameter value under <root />.

If level is not set to "ALL", this is a finding.

Vulnerability Number

V-72707

Documentable

False

Rule Version

VROM-CS-000310

Severity Override Guidance

Review the Cassandra Server configuration to ensure audit records are generated when unsuccessful attempts to modify security objects occur.

Open console to the server, Cassandra DB is hosted at, and type: "find / | grep "logback.xml"". Open "logback.xml" file and review "level" parameter value under <root />.

If level is not set to "ALL", this is a finding.

Check Content Reference

M

Target Key

3179

Comments