UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network element must protect audit tools from unauthorized deletion.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000103-FW-NA SRG-NET-000103-FW-NA SRG-NET-000103-FW-NA_rule Medium
Description
Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Depending upon the log format and application, system and application log tools may provide the only means to manipulate and manage application and system log data. If the tools are compromised it could provide attackers with the capability to manipulate log data. It is imperative for audit tools to be controlled and protected from unauthorized modification. Audit tools include, but are not limited to, OS provided audit tools, vendor provided audit tools, and open source audit tools needed to successfully view and manipulate audit information system activity and records. Protection of audit tools is not a function of the firewall. Installation of non-firewall functionality is discouraged.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text ( C-SRG-NET-000103-FW-NA_chk )
This requirement is NA for firewall. No fix required.
Fix Text (F-SRG-NET-000103-FW-NA_fix)
This requirement is NA for firewall. No fix required.