An error occurred:

Check: SRG-APP-000343-CTR-000780

Container Platform SRG: SRG-APP-000343-CTR-000780 (in versions v1 r5 through v1 r1)

Title

The container platform must audit the execution of privileged functions. (Cat II impact)

Discussion

Privileged functions within the container platform can be component specific or can envelope the entire container platform. Because of the nature of the commands, it is important to understand what command was executed for either investigation of an incident or for debugging/error correction; therefore, privileged function execution must be audited.

Check Content

Review container platform documentation and log configuration to verify the application server logs privileged activity. If the container platform is not configured to log privileged activity, this is a finding.

Fix Text

Configure the container platform to log privileged activity.

Additional Identifiers

Rule ID: SV-233164r879720_rule

Vulnerability ID: V-233164

Group Title: SRG-APP-000343

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-002234

The information system audits the execution of privileged functions.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-6 (9)

Auditing Use Of Privileged Functions