UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The container platform must audit non-local maintenance and diagnostic sessions' organization-defined audit events associated with non-local maintenance.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233206 SRG-APP-000409-CTR-000990 SV-233206r601808_rule Medium
Description
To fully investigate an attack, it is important to understand the event and those events taking place during the same time period. Often, non-local administrative access and diagnostic sessions are not logged. These events are seen as only administrative functions and not worthy of being audited, but these events are important in any investigation and are a major tool for assessing and investigating attacks.
STIG Date
Container Platform Security Requirements Guide 2021-12-14

Details

Check Text ( C-36142r601807_chk )
Review the container platform to verify if the platform is auditing non-local maintenance and diagnostic sessions' organization-defined audit events.

If the container platform is not auditing non-local maintenance and diagnostic sessions' organization-defined audit events, this is a finding.
Fix Text (F-36110r601106_fix)
Configure the container platform to audit non-local maintenance and diagnostic sessions' organization-defined audit events.