An error occurred:

Check: MFD07.004

Multifunction Device and Network Printers Security Technical Implemetation Guide: MFD07.004 (in versions v2 r15 through v2 r9)

Title

Auditing of user access and fax logs must be enabled when fax from the network is enabled. (Cat III impact)

Discussion

Without auditing the originator and destination of a fax cannot be determined. Prosecuting of an individual who maliciously compromises sensitive data via a fax will be hindered without audits. The SA will ensure auditing of user access and fax logging is enabled if fax from the network is enabled.

Check Content

The reviewer will, with the assistance from the SA, verify auditing of user access and fax logging is enabled if fax from the network is enabled. If auditing of user access and fax logging is not enabled, this is a finding.

Fix Text

Configure the MFD to audit faxing. If this is not possible, disable the fax functionality and disconnect the phone line from the MFD.

Additional Identifiers

Rule ID: SV-7028r2_rule

Vulnerability ID: V-6803

Group Title: MFD fax from network auditing

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check