V-233041
SV-233041r960888_rule
CAT II
The container platform must initiate session auditing upon startup.
From: Container Platform Security Requirements Guide (V2R4)
Description
<VulnDiscussion>When the container platform is started, container platform components and user services can also be started. It is important that the container platform begin auditing on startup in order to handle container platform startup events along with events for container platform components and services that begin on startup.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Review the container platform configuration for session audits.
Ensure audit policy for session logging at startup is enabled.
Verify events are written to the log.
Validate system documentation is current.
If the container platform is not configured to meet this requirement, this is a finding.
Fix Text
Configure the container platform to generate audit logs for session logging at startup. Revise all applicable system documentation.
CCI Reference
CCI-001464- Created
- 2026-04-07 20:08:14
- Last Updated
- 2026-04-07 20:08:14