Navigate

Check: GEN002660

HP-UX 11.23 STIG: GEN002660 (in version v1 r8)

Title

Auditing must be implemented. (Cat II impact)

Discussion

Without auditing, individual system accesses cannot be tracked and malicious activity cannot be detected and traced back to an individual account.

Check Content

Determine if auditing is enabled. # audsys If the audit service is not running, this is a finding.

Fix Text

In order to turn auditing on, the system must first be in Trusted Mode. Next, turn on the auditing system. The system will use existing current and next audit trails (if configured). # sam Then: Auditing and Security -> Audited Events -> Actions -> Turn Auditing On.

Additional Identifiers

Rule ID: SV-35269r1_rule

Vulnerability ID: V-811

Group Title: GEN002660

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000169	The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AU-12	Audit Generation