The Central Log Server must prevent the installation of organization-defined software and firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-263571	SRG-APP-000810-AU-000250	SV-263571r982429_rule		Medium

Description
Software and firmware components prevented from installation unless signed with recognized and approved certificates include software and firmware version updates, patches, service packs, device drivers, and basic input/output system updates. Organizations can identify applicable software and firmware components by type, by specific items, or a combination of both. Digital signatures and organizational verification of such signatures is a method of code authentication.

Description

Software and firmware components prevented from installation unless signed with recognized and approved certificates include software and firmware version updates, patches, service packs, device drivers, and basic input/output system updates. Organizations can identify applicable software and firmware components by type, by specific items, or a combination of both. Digital signatures and organizational verification of such signatures is a method of code authentication.

STIG	Date
Central Log Server Security Requirements Guide	2024-07-02

Details

Check Text ( C-67471r982428_chk )
Verify the Central Log Server is configured to prevent the installation of organization-defined software and firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization. If the Central Log Server is not configured to prevent the installation of organization-defined software and firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization, this is a finding.

Check Text ( C-67471r982428_chk )

Verify the Central Log Server is configured to prevent the installation of organization-defined software and firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization.

If the Central Log Server is not configured to prevent the installation of organization-defined software and firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization, this is a finding.

Fix Text (F-67379r981797_fix)
Configure the Central Log Server to prevent the installation of organization-defined software and firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization.