Documentation - V-222478

V-222478

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must generate audit records containing the full-text recording of privileged commands or the individual identities of group account users.

Description

<VulnDiscussion>Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. Organizations consider limiting the additional audit information to only that information explicitly needed for specific audit requirements. The additional information required is dependent on the type of information (i.e., sensitivity of the data and the environment within which it resides). At a minimum, the organization must audit either full-text recordin...

Fix Text (Documentation Requirement)

Configure the application to log the full text recording of privileged commands or the individual identities of group users.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel