Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
File auditing configuration must meet minimum requirements.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-1080 | WN08-GE-000004 | SV-48020r1_rule | ECAR-1 ECAR-2 ECAR-3 | Medium |
| Description |
|---|
| Improper modification of the core system files can render a system inoperable. Further, modifications to these system files can have a significant impact on the security configuration of the system. Auditing of significant modifications made to the system files provides a method of determining the responsible party. |
| STIG | Date |
|---|---|
| Windows 8 Security Technical Implementation Guide | 2013-02-15 |
Details
| Check Text ( C-44758r1_chk ) |
|---|
| If system-level auditing is not enabled, or if the system and data partitions are not installed on NTFS partitions, then mark this as a finding. Open File Explorer and use the file and folder properties function to verify that the audit settings on each partition/drive are configured to audit all "Failures" for the "Everyone" group. If any partition/drive is not configured to at least the minimum requirement, this is a finding. |
| Fix Text (F-41158r1_fix) |
|---|
| Configure auditing on each partition/drive to audit all "Failures" for the "Everyone" group. |