The operating system must use cryptographic mechanisms to protect the integrity of audit tools.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33289	SRG-OS-000278-NA	SV-43708r1_rule		Medium

Description
Auditing and logging are key components of any security architecture. It is essential security personnel know what is being done, what attempted to be done, where it was done, when it was done, and by whom in order to compile an accurate risk assessment. Cryptographic mechanisms must be used to protect the integrity of the audit tools used for audit reduction and reporting. Rationale for non-applicability: A mobile OS typically does not have local audit or maintenance tools. Audit tool functionality is required in the MDM SRG.

Description

Auditing and logging are key components of any security architecture. It is essential security personnel know what is being done, what attempted to be done, where it was done, when it was done, and by whom in order to compile an accurate risk assessment. Cryptographic mechanisms must be used to protect the integrity of the audit tools used for audit reduction and reporting. Rationale for non-applicability: A mobile OS typically does not have local audit or maintenance tools. Audit tool functionality is required in the MDM SRG.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41586r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-37219r1_fix)
The requirement is NA. No fix is required.