The operating system must support the capability to compile audit records from multiple components within the system into a system-wide (logical or physical) audit trail that is time-correlated to within organization defined level of tolerance.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32982	SRG-OS-000065-NA	SV-43380r1_rule		Medium

Description
Audit generation and audit records can be generated from various components within the information system. The list of audited events is the set of events for which audits are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating audit records (i.e., auditable events). Rationale for non-applicability: This vulnerability is better addressed by CCI-000136, which deals with central log management. An MDM or log tool will combine the records, not the mobile device.

Description

Audit generation and audit records can be generated from various components within the information system. The list of audited events is the set of events for which audits are to be generated. This set of events is typically a subset of the list of all events for which the system is capable of generating audit records (i.e., auditable events). Rationale for non-applicability: This vulnerability is better addressed by CCI-000136, which deals with central log management. An MDM or log tool will combine the records, not the mobile device.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41281r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-36896r1_fix)
The requirement is NA. No fix is required.