UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must produce audit records that contain information to establish the outcome of the event.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55137 SRG-APP-000099-NDM-000229 SV-69383r1_rule Medium
Description
Without information about the outcome of events, security personnel cannot make an accurate assessment as to whether an attack was successful or if changes were made to the security state of the system. Event outcomes can include indicators of event success or failure and event-specific results (e.g., the security state of the device after the event occurred). As such, they also provide a means to measure the impact of an event and help authorized personnel to determine the appropriate response.
STIG Date
Network Device Management Security Requirements Guide 2017-12-28

Details

Check Text ( C-55757r1_chk )
Determine if the network device is configured to produce audit records that contain information to establish the outcome of the event. If the network device does not produce audit records that contain information to establish the outcome of the event, this is a finding.
Fix Text (F-60001r1_fix)
Configure the network device to produce audit records that contain information to establish the outcome of the event.