UCF STIG Viewer Logo

Audit records are not being reviewed by the ISSO/IAO weekly.


Overview

Finding ID Version Rule ID IA Controls Severity
V-7978 DSN15.06 SV-8464r1_rule ECAT-1 ECAT-2 ECRG-1 ECSC-1 Medium
Description
Requirement: The IAO will ensure that audit records (files) are stored on-line for 90 days and off-line for an additional 12 months. By reviewing audit records on a weekly schedule, the ISSO/IAO ensures that any suspicious activity is detected in a timely manner.
STIG Date
Defense Switched Network (DSN) STIG 2017-01-19

Details

Check Text ( C-7690r1_chk )
Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable.
Fix Text (F-7553r1_fix)
The ISSO/IAO or security auditor should review audit records weekly for suspicious activity.