The IAO will ensure, for classified systems, application audit trails are continuously and automatically monitored, and alerts are provided immediately when unusual or inappropriate activity is detected.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-16843	APP6130	SV-17843r1_rule	ECAT-2	Low

Description
For critical and classified systems, an automated, continuous on-line monitoring and audit trail creation capability must be deployed with the capability to immediately alert personnel of any unusual or inappropriate activity with potential IA implications, and with a user configurable capability to automatically disable the system if serious IA violations are detected. This protects the system from serious data compromises.

Description

For critical and classified systems, an automated, continuous on-line monitoring and audit trail creation capability must be deployed with the capability to immediately alert personnel of any unusual or inappropriate activity with potential IA implications, and with a user configurable capability to automatically disable the system if serious IA violations are detected. This protects the system from serious data compromises.

STIG	Date
Application Security and Development Checklist	2014-12-22

Details

Check Text ( C-17850r1_chk )
Interview the application representative and determine if any logs are being automatically monitored and if alerts are sent out on any activities. 1) If there are no automated alerts, this is a finding.

Fix Text (F-17165r1_fix)
Modify the application to implement automatic monitoring and alerts.