UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

There is no local policy for reviewing audit logs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3491 1.029 SV-29722r2_rule ECAT-1 ECAT-2 Medium
Description
To be of value, audit logs from servers and other critical systems will be reviewed on a daily basis to identify security breaches and potential weaknesses in the security structure. This can be done with the use of monitoring software or other utilities for this purpose.
STIG Date
Windows 2003 Domain Controller Security Technical Implementation Guide 2014-06-27

Details

Check Text ( C-3244r2_chk )
The site will have a policy that requires servers and other critical systems be reviewed on a daily basis to identify possible security breaches and weakness. This can be accomplished with the use of monitoring software or other utilities for this purpose.
Fix Text (F-6578r1_fix)
Create a site policy that mandates review of audit logs.