The network element must invoke a system shutdown in the event of an audit failure, unless an alternative audit capability exists.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-27074 | SRG-NET-000171 | SV-34369r1_rule | Medium |
| Description |
|---|
| It is critical that when a network device is at risk of failing to process audit logs as required, it takes action to mitigate the failure. If the device were to continue processing without auditing enabled, a network device or the network itself could be compromised without any information that can be used for the trace back of an attack and for forensic analysis. |
| STIG | Date |
|---|---|
| Network Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |