UCF STIG Viewer Logo

The operating system must employ automated mechanisms to support auditing of the enforcement actions.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-OS-000089-ESXI5-PNF SRG-OS-000089-ESXI5-PNF SRG-OS-000089-ESXI5-PNF_rule Medium
Description
Any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Accordingly, only qualified and authorized individuals are allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications. Auditing this information is critical to both the configuration management process and in the event of an intrusion. Permanent not a finding - Auditing cannot be configured like with a GP OS. These actions are audited by default and cannot be configured.
STIG Date
VMware ESXi v5 Security Technical Implementation Guide 2013-01-15

Details

Check Text ( C-SRG-OS-000089-ESXI5-PNF_chk )
ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding.
Fix Text (F-SRG-OS-000089-ESXI5-PNF_fix)
This requirement is permanent not a finding. No fix is required.