Documentation - V-222509

V-222509

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The integrity of the audit tools must be validated by checking the files for changes in the cryptographic hash value.

Description

<VulnDiscussion>Protecting the integrity of the tools used for auditing purposes is a critical step to ensuring the integrity of audit data. Audit data includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. Audit tools include, but are not limited to, vendor provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom q...

Fix Text (Documentation Requirement)

Establish a process to periodically check the audit tool cryptographic hashes to ensure the audit tools have not been tampered with.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel