Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-69089	PPS9-00-011150	SV-83693r1_rule		Medium

Description
Changes in categorized information must be tracked. Without an audit trail, unauthorized access to protected data could go undetected. To aid in diagnosis, it is necessary to keep track of failed attempts in addition to the successful ones. For detailed information on categorizing information, refer to FIPS Publication 199, Standards for Security Categorization of Federal Information and Information Systems, and FIPS Publication 200, Minimum Security Requirements for Federal Information and Information Systems.

Description

Changes in categorized information must be tracked. Without an audit trail, unauthorized access to protected data could go undetected. To aid in diagnosis, it is necessary to keep track of failed attempts in addition to the successful ones. For detailed information on categorizing information, refer to FIPS Publication 199, Standards for Security Categorization of Federal Information and Information Systems, and FIPS Publication 200, Minimum Security Requirements for Federal Information and Information Systems.

STIG	Date
EDB Postgres Advanced Server Security Technical Implementation Guide	2016-08-19

Details

Check Text ( C-69563r1_chk )
Review the system documentation to determine whether it is required to track categorized information, such as classification or sensitivity level. If it is not, this is not applicable (NA). Execute the following SQL as enterprisedb: SHOW edb_audit_statement; If the result is not "all", this is a finding.

Fix Text (F-75275r1_fix)
Execute the following SQL as enterprisedb: ALTER SYSTEM SET edb_audit_statement = 'all'; SELECT pg_reload_conf()