UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

File-auditing configuration does not meet minimum requirements.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1080 2.007 SV-29474r1_rule ECAR-1 ECAR-2 ECAR-3 Medium
Description
Improper modification of the core system files can render a system inoperable. Further, modifications to these system files can have a significant impact on the security configuration of the system. Auditing of significant modifications made to the system files provides a method of determining the responsible party.
STIG Date
Windows 2008 Domain Controller Security Technical Implementation Guide 2013-07-03

Details

Check Text ( C-23r1_chk )
If system-level auditing is not enabled, or if the system and data partitions are not installed on NTFS partitions, then mark this as a finding.

Open Windows Explorer and use the file and folder properties function to verify that the audit settings on each partition/drive is configured to audit all "failures" for the "Everyone" group.

If any partition/drive is not configured to at least the minimum requirement, then this is a finding.
Fix Text (F-52r1_fix)
Configure auditing on each partition/drive to audit all "Failures" for the "Everyone" group.