Navigate

CCI-001071

CCI-001071 Definition

The organization reviews historic audit logs to determine if a vulnerability identified in the information system has been previously exploited.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed reviews audit logs and determines if the identified vulnerability has been previously exploited within the information system. Any findings must be documented and acted upon IAW IR-1.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the audit trail to determine if the organization has documented any previously identified exploited vulnerabilities.

Compelling Evidence

1.) Audit logs.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001071.

Control	Description
RA-5 (8)	The organization reviews historic audit logs to determine if a vulnerability identified in the information system has been previously exploited.