Navigate

Check: SRG-APP-000358-AAA-000280

AAA Services SRG: SRG-APP-000358-AAA-000280 (in versions v2 r2 through v2 r1)

Title

AAA Services must be configured to send audit records to a centralized audit server. (Cat II impact)

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.

Check Content

Verify AAA Services are configured to send audit records to a centralized audit server. If AAA Services are not configured to send audit records to a centralized audit server, this is a finding.

Fix Text

Configure AAA Services to send audit records to a centralized audit server.

Additional Identifiers

Rule ID: SV-204690r961395_rule

Vulnerability ID: V-204690

Group Title: SRG-APP-000358

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001851	Transfer audit logs per organization-defined frequency to a different system, system component, or media than the system or system component conducting the logging.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AU-4(1)	Transfer to Alternate Storage