Check: MFD06.001
Multifunction Device and Network Printers STIG:
MFD06.001
(in versions v2 r14 through v2 r9)
Title
The devices and their spoolers do not have auditing enabled. (Cat II impact)
Discussion
Without auditing the identification and prosecution of an individual that performs malicious actions is difficult if not impossible.
Check Content
The reviewer will, with the assistance of the SA, verify that devices and their spoolers have auditing fully enabled.
Fix Text
Configure the devices and their spoolers have auditing fully enabled.
Additional Identifiers
Rule ID: SV-7022r1_rule
Vulnerability ID: V-6797
Group Title: MFD and Spooler Auditing
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000130 |
The information system generates audit records containing information that establishes what type of event occurred. |
| CCI-000131 |
The information system generates audit records containing information that establishes when an event occurred. |
| CCI-000132 |
The information system generates audit records containing information that establishes where the event occurred. |
| CCI-000133 |
The information system generates audit records containing information that establishes the source of the event. |
| CCI-000134 |
The information system generates audit records containing information that establishes the outcome of the event. |
| CCI-001487 |
The information system generates audit records containing information that establishes the identity of any individuals or subjects associated with the event. |
Controls
| Number | Title |
|---|---|
| AU-3 |
Content Of Audit Records |