Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-7978 | DSN15.06 | SV-8464r1_rule | ECAT-1 ECAT-2 ECRG-1 ECSC-1 | Medium |
Description |
---|
Requirement: The IAO will ensure that audit records (files) are stored on-line for 90 days and off-line for an additional 12 months. By reviewing audit records on a weekly schedule, the ISSO/IAO ensures that any suspicious activity is detected in a timely manner. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2017-01-19 |
Check Text ( C-7690r1_chk ) |
---|
Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable. |
Fix Text (F-7553r1_fix) |
---|
The ISSO/IAO or security auditor should review audit records weekly for suspicious activity. |