Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-OS-000089-ESXI5-PNF | SRG-OS-000089-ESXI5-PNF | SRG-OS-000089-ESXI5-PNF_rule | Medium |
Description |
---|
Any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Accordingly, only qualified and authorized individuals are allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications. Auditing this information is critical to both the configuration management process and in the event of an intrusion. Permanent not a finding - Auditing cannot be configured like with a GP OS. These actions are audited by default and cannot be configured. |
STIG | Date |
---|---|
VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Check Text ( C-SRG-OS-000089-ESXI5-PNF_chk ) |
---|
ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
Fix Text (F-SRG-OS-000089-ESXI5-PNF_fix) |
---|
This requirement is permanent not a finding. No fix is required. |