The auditing records do not record activities that may change, bypass, or negate safeguards built into the software.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-7976	DSN15.04	SV-8462r1_rule	ECAR-3 ECLC-1 ECSC-1	Medium

Description
Requirement: The IAO will ensure that the auditing process records commands, actions, and activities executed during each session that might change, bypass, or negate safeguards built into the software. Actions that have the potential to change, bypass, or negate safeguards must be recorded in the audit files. This will identify suspicious activities that are being investigated and will assist investigators in following the course of events that have led to a situation that is being examined.

Description

Requirement: The IAO will ensure that the auditing process records commands, actions, and activities executed during each session that might change, bypass, or negate safeguards built into the software. Actions that have the potential to change, bypass, or negate safeguards must be recorded in the audit files. This will identify suspicious activities that are being investigated and will assist investigators in following the course of events that have led to a situation that is being examined.

STIG	Date
Defense Switched Network STIG	2015-01-02

Details

Check Text ( C-7373r1_chk )
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable.

Fix Text (F-7551r1_fix)
Ensure that the system records commands, actions, and activities executed during each user session that might change, bypass, or negate safeguards built into the software.