Title

Applications must allocate audit record storage capacity. (Cat II impact)

Discussion

In order to ensure applications have a sufficient storage capacity in which to write the audit logs, applications need to be able to allocate audit record storage capacity. The task of allocating audit record storage capacity is usually performed during initial installation of the application and is closely associated with the DBA and system administrator roles. The DBA or system administrator will usually coordinate the allocation of physical drive space with the application owner/installer and the application will prompt the installer to provide the capacity information, the physical location of the disk, or both. Rationale for non-applicability: This control is required in the MOS SRG. Mobile applications are expected to use system logs for audit records to facilitate centralized reporting and alerting. If a mobile application were able to allocate record storage in the system logs, this would be a DoS vulnerability for other applications.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-46547r1_rule

Vulnerability ID: V-35260

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.