The network device must use automated mechanisms to support auditing of the enforcement actions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000120-NDM-000078 | SRG-NET-000120-NDM-000078 | SRG-NET-000120-NDM-000078_rule | Medium |
| Description |
|---|
| Changes to the hardware or software components of the network device can have significant effects on the overall security of the network. Maintaining audit log records of access events helps to ensure change control is being implemented. Also, the log records support incident investigation. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000120-NDM-000078_chk ) |
|---|
| Review the network device configuration settings to verify automated mechanisms are used to support the auditing of enforcement actions taken in response to access restrictions. If the network device does not have automated mechanisms in place for supporting the auditing of enforcement actions, this is a finding. |
| Fix Text (F-SRG-NET-000120-NDM-000078_fix) |
|---|
| Enable automated mechanisms to support auditing of the enforcement actions taken in response to configured access restrictions. |