Central Log Server SRG

Central Log Server Security Requirements Guide

ID Vuln ID Title Cat Status
SRG-APP-000392-AU-002300 V-206507 The Central Log Server must be configured to electronically verify the DoD CAC credential. Cat II
SRG-APP-000115-AU-000160 V-206456 The Central Log Server must be configured to perform on-demand filtering of the log records for events of interest based on organization-defined criteria. Cat III
SRG-APP-000026-AU-000580 V-221900 The Central Log Server must automatically audit account creation. Cat II
SRG-APP-000120-AU-000120 V-221916 The Central Log Server must protect audit information from unauthorized deletion. Cat II
SRG-APP-000374-AU-000290 V-206504 Upon receipt of the log record from hosts and devices, the Central Log Server must be configured to record time stamps of the time of receipt that can be mapped to Coordinated Universal Time (UTC). Cat III
SRG-APP-000181-AU-000200 V-206483 The Central Log Server must be configured to perform audit reduction that supports on-demand reporting requirements. Cat II
SRG-APP-000439-AU-004310 V-206509 The Central Log Server must be configured to protect the confidentiality and integrity of transmitted information. Cat I
SRG-APP-000365-AU-000210 V-206498 The Central Log Server must be configured to perform audit reduction that supports after-the-fact investigations of security incidents. Cat III
SRG-APP-000149-AU-002280 V-206461 The Central Log Server must use multifactor authentication for network access to privileged user accounts. Cat II
SRG-APP-000171-AU-002540 V-206474 For accounts using password authentication, the Central Log Server must be configured to store only cryptographic representations of passwords. Cat I
SRG-APP-000029-AU-000610 V-221903 The Central Log Server must automatically audit account removal actions. Cat II
SRG-APP-000089-AU-000400 V-206453 The Central Log Server must be configured to retain the DoD-defined attributes of the log records sent by the devices and hosts. Cat II
SRG-APP-000515-AU-000110 V-206511 The Central Log Server must be configured to off-load interconnected systems in real time and off-load standalone systems weekly, at a minimum. Cat III
SRG-APP-000167-AU-002500 V-206470 The Central Log Server must be configured to enforce password complexity by requiring that at least one lower-case character be used. Cat III
SRG-APP-000361-AU-000140 V-206494 The Central Log Server must be configured to send an immediate alert to the System Administrator (SA) or Information System Security Officer (ISSO) if communication with the host and devices within its scope of coverage is lost. Cat III

Print

Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Print

Version Changes

If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.
Changes