Check: DSN15.06
Defense Switched Network (DSN) STIG:
DSN15.06
(in versions v2 r8 through v2 r7)
Title
Audit records are not being reviewed by the ISSO/IAO weekly. (Cat II impact)
Discussion
Requirement: The IAO will ensure that audit records (files) are stored on-line for 90 days and off-line for an additional 12 months. By reviewing audit records on a weekly schedule, the ISSO/IAO ensures that any suspicious activity is detected in a timely manner.
Check Content
Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable.
Fix Text
The ISSO/IAO or security auditor should review audit records weekly for suspicious activity.
Additional Identifiers
Rule ID: SV-8464r1_rule
Vulnerability ID: V-7978
Group Title: Audit records are not being reviewed weekly
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |