The Cassandra Server must generate audit records when security objects are deleted.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-72713 | VROM-CS-000335 | SV-87345r1_rule | Medium |
| Description |
|---|
| The removal of security objects from the database/DBMS would seriously degrade a system's information assurance posture. If such an event occurs, it must be logged. |
| STIG | Date |
|---|---|
| vRealize - Cassandra Security Technical Implementation Guide | 2017-06-06 |
Details
| Check Text ( C-72869r1_chk ) |
|---|
| Review the Cassandra Server configuration to ensure audit records are generated when security objects are deleted. At the command prompt, execute the following command: # grep ' If level is not set to "ALL", this is a finding. |
| Fix Text (F-79117r1_fix) |
|---|
| Configure the Cassandra Server to generate audit records when security objects are deleted. At the command line execute the following command: # sed -i 's/^\(\s*\) |