STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

AAA Services must be configured to generate audit records overwriting the oldest audit records in a first-in-first-out manner.

DISA Rule

SV-95583r1_rule

Vulnerability Number

V-80873

Group Title

SRG-APP-000109-AAA-000300

Rule Version

SRG-APP-000109-AAA-000300

Severity

CAT II

CCI(s)

CCI-000140 - The information system takes organization-defined actions upon audit failure (e.g., shut down information system, overwrite oldest audit records, stop generating audit records).

Weight

Fix Recommendation

Configure AAA Services to generate audit records overwriting the oldest audit records in a first-in-first-out manner. Some specific implementations may further require automatically restarting the audit service to synchronize the local audit data with the collection server. The configuration must continue generating audit records, even when failures are caused by the lack of audit record storage capacity.

Check Contents

Verify AAA Services are configured to generate audit records overwriting the oldest audit records in a first-in-first-out manner. When failures are caused by the lack of audit record storage capacity, AAA Services must continue generating audit records.

If AAA Services are not configured to generate audit records overwriting the oldest audit records in a first-in-first-out manner, this is a finding.

AAA Services must be configured to generate audit records overwriting the oldest audit records in a first-in-first-out manner.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments