An error occurred:

Check: SRG-APP-000358-AAA-000280

Authentication, Authorization, and Accounting Services (AAA) SRG: SRG-APP-000358-AAA-000280 (in versions v1 r2 through v1 r1)

Title

AAA Services must be configured to send audit records to a centralized audit server. (Cat II impact)

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.

Check Content

Verify AAA Services are configured to send audit records to a centralized audit server. If AAA Services are not configured to send audit records to a centralized audit server, this is a finding.

Fix Text

Configure AAA Services to send audit records to a centralized audit server.

Additional Identifiers

Rule ID: SV-95579r1_rule

Vulnerability ID: V-80869

Group Title: SRG-APP-000358-AAA-000280

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001851

The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-4 (1)

Transfer To Alternate Storage