UCF STIG Viewer Logo

Attempts to access ports, protocols, or services that are denied are not logged..


Overview

Finding ID Version Rule ID IA Controls Severity
V-6648 SAN04.020.00 SV-6794r1_rule Low
Description
Logging or auditing of failed access attempts is a necessary component for the forensic investigation of security incidents. Without logging there is no way to demonstrate that the access attempt was made or when it was made. Additionally a pattern of access failures cannot be demonstrated to assert that an intended attack was being made as apposed to an accidental intrusion. The IAO/NSO will ensure that all attempts to any port, protocol, or service that is denied are logged.
STIG Date
Storage Area Network STIG 2019-06-28

Details

Check Text ( C-2574r1_chk )
The reviewer will, with the assistance of the IAO/NSO, verify that all attempts to any port, protocol, or service that is denied are logged.
Fix Text (F-6251r1_fix)
Develop a plan to implement the logging of failed or rejected ports, protocols or services requests. The plan should include a projection of the storage requirements of the logged events. Obtain CM approval of the plan and execute it.