1.10.1 Ensure 'logging' is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | AUDIT AND ACCOUNTABILITY |
1.10.2 Ensure 'logging to Serial console' is disabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | AUDIT AND ACCOUNTABILITY |
1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5' | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
1.10.11 Ensure 'logging trap severity level' is greater than or equal to '5' | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | AUDIT AND ACCOUNTABILITY |
3.1.12 Set administrative notification level | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
3.2 Enable security auditing | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
Audit Directory Service Access | MSCT Windows Server v20H2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Ensure 'logging buffered severity ' is greater than or equal to '3' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure 'logging to monitor' is disabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure 'logging trap severity ' is greater than or equal to '5' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure 'logging trap' is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure 'logging with timestamps' is enabled - show logging | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure 'SNMP traps' is enabled - authentication | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure 'SNMP traps' is enabled - coldstart | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure 'SNMP traps' is enabled - linkup | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
Ensure email logging is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Audit Logon Events' | HIPAA Windows Audit | Windows | AUDIT AND ACCOUNTABILITY |
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'AUDIT_ACCOUNT_LOGON' | HIPAA Windows Audit | Windows | AUDIT AND ACCOUNTABILITY |
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Distribution Group Management' | HIPAA Windows Audit | Windows | AUDIT AND ACCOUNTABILITY |
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Kerberos Authentication Service' | HIPAA Windows Audit | Windows | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Control (QAUDCTL) - '!= *NONE' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Control (QAUDCTL) - '!= *NONE' | IBM System i Security Reference for V7R3 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Control (QAUDCTL) - '!= *NONE' | IBM System i Security Reference for V7R2 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Control (QAUDCTL) - '*NONE|*NOTAVL|*OBJAUD|*AUDLVL|*NOQTEMP' | IBM iSeries Security Reference v5r4 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing for New Objects (QCRTOBJAUD) - '*CHANGE' | IBM System i Security Reference for V7R3 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing for New Objects (QCRTOBJAUD) - '*CHANGE' | IBM System i Security Reference for V7R2 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing for New Objects (QCRTOBJAUD) - '*NONE' | IBM iSeries Security Reference v5r4 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS' | IBM System i Security Reference for V7R3 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Level (QAUDLVL) - '*NONE' | IBM iSeries Security Reference v5r4 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Level (QAUDLVL) - '*SECURITY' | IBM System i Security Reference for V7R2 | AS/400 | AUDIT AND ACCOUNTABILITY |
IBM i : Auditing Level Extension (QAUDLVL2) - '*NONE' | IBM iSeries Security Reference v5r4 | AS/400 | AUDIT AND ACCOUNTABILITY |
PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Audit Logon Events | PCI v2.0/v3.0 Windows Best Practices | Windows | AUDIT AND ACCOUNTABILITY |
PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Audit Policy Change | PCI v2.0/v3.0 Windows Best Practices | Windows | AUDIT AND ACCOUNTABILITY |
PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.1 Verify common security parameter settings - Audit Account Logon Events | PCI v2.0/v3.0 Windows Best Practices | Windows | AUDIT AND ACCOUNTABILITY |
PCI 2.2.3/2.2.3.b/2.2.3.c/10.1/10.2.1/10.2.3 Verify common security parameter settings - Audit Object Access | PCI v2.0/v3.0 Windows Best Practices | Windows | AUDIT AND ACCOUNTABILITY |
PCI 2.2.3/2.2.3.b/2.2.3.c/10.2.7 Verify common security parameter settings - Audit System Events | PCI v2.0/v3.0 Windows Best Practices | Windows | AUDIT AND ACCOUNTABILITY |
PCI 8.1.2 Control addition, deletion, and modification of user IDs, credentials, and other identifier objects - Audit Account Management | PCI DSS 3.0 - Microsoft Windows | Windows | AUDIT AND ACCOUNTABILITY |
PCI 9.7 Maintain strict control over the internal or external distribution of any kind of media - 'audit successful mounts' | PCI DSS 2.0/3.0 - Red Hat Linux | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.1 Establish a process for linking all access to system components - 'audit condition = auditing' | PCI DSS 2.0/3.0 - Solaris 10 | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.2.1 Monitor all individual accesses to cardholder data - '/var/log/lastlog' | PCI DSS 2.0/3.0 - Red Hat Linux | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.2.2 All actions taken by any individual with root or administrative privileges - Audit Account Logon Events: Success and Failure | PCI DSS 3.0 - Microsoft Windows | Windows | AUDIT AND ACCOUNTABILITY |
PCI 10.2.2 All actions taken by any individual with root or administrative privileges - Audit Logon Events: Success and Failure | PCI DSS 3.0 - Microsoft Windows | Windows | AUDIT AND ACCOUNTABILITY |
PCI 10.3.2 - Verify type of event is included in log entries - '/etc/security/audit/config - bin1 = /audit/bin1' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.3.2 - Verify type of event is included in log entries - '/etc/security/audit/config - binmode = on' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.3.2 - Verify type of event is included in log entries - '/etc/security/audit/config - streammode = off' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.3.2 - Verify type of event is included in log entries - '/etc/security/audit/config - trail = /audit/trail' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.3.2 - Verify type of event is included in log entries - '/etc/security/audit/config root = general,SRC,mail,cron,tcpip,ipsec,lvm' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
PCI 10.3.2 - Verify type of event is included in log entries - 'user auditclasses = general,SRC,cron,tcpip' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |