Title

The VMM must provide a report generation capability that supports on-demand audit review and analysis. (Cat II impact)

Discussion

The report generation capability must support on-demand review and analysis in order to facilitate the organization's ability to generate incident reports as needed to better handle larger-scale or more complex security incidents. Report generation must be capable of generating on-demand (i.e., customizable, ad hoc, and as-needed) reports. On-demand reporting allows personnel to report issues more rapidly to more effectively meet reporting requirements. Collecting log data and aggregating it to present the data in a single, consolidated report achieves this objective.

Check Content

Verify the VMM provides a report generation capability that supports on-demand audit review and analysis. If it does not, this is a finding.

Fix Text

Ensure the VMM provides a report generation capability that supports on-demand audit review and analysis.

Additional Identifiers

Rule ID: SV-207458r958770_rule

Vulnerability ID: V-207458

Group Title: SRG-OS-000350

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.