800-53|AC-6(9)

Title

AUDITING USE OF PRIVILEGED FUNCTIONS

Description

The information system audits the execution of privileged functions.

Supplemental

Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse, and in doing so, help mitigate the risk from insider threats and the advanced persistent threat (APT).

Reference Item Details

Related: AU-2

Category: ACCESS CONTROL

Parent Title: LEAST PRIVILEGE

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2.1 Ensure AIDE is installedUnixCIS Debian 10 Server L1 v2.0.0
1.2.1 Ensure AIDE is installedUnixCIS Debian 10 Workstation L1 v2.0.0
1.2.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1
1.2.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1
1.2.1 Ensure dm-verity is enabledUnixCIS Google Container-Optimized OS L1 Server v1.1.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Amazon Linux 2023 Server L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.1
1.3.1 Ensure AIDE is installedUnixCIS Debian 8 Workstation L1 v2.0.2
1.3.1 Ensure AIDE is installedUnixCIS Rocky Linux 9 Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 7 Workstation L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 7 Server L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS CentOS 7 v3.1.2 Workstation L1
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server
1.3.1 Ensure AIDE is installedUnixCIS Red Hat EL9 Server L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat EL7 Server L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS CentOS 7 v3.1.2 Server L1
1.3.1 Ensure AIDE is installedUnixCIS Fedora 28 Family Linux Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS Linux 8 Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat EL9 Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Amazon Linux 2 v2.0.0 L1
1.3.1 Ensure AIDE is installedUnixCIS AlmaLinux OS 9 Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1
1.3.1 Ensure AIDE is installedUnixCIS Fedora 28 Family Linux Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Rocky Linux 9 Server L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Debian 8 Server L1 v2.0.2
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 9 Server L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS AlmaLinux OS 9 Server L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat EL7 Workstation L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 9 Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation
1.3.1 Ensure AIDE is installed - aideUnixCIS Ubuntu Linux 22.04 LTS Server L1 v1.0.0
1.3.1 Ensure AIDE is installed - aideUnixCIS Debian Linux 11 Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installed - aideUnixCIS Debian Linux 11 Server L1 v1.0.0
1.3.1 Ensure AIDE is installed - aideUnixCIS Ubuntu Linux 22.04 LTS Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installed - aide-commonUnixCIS Ubuntu Linux 22.04 LTS Server L1 v1.0.0
1.3.1 Ensure AIDE is installed - aide-commonUnixCIS Debian Linux 11 Server L1 v1.0.0
1.3.1 Ensure AIDE is installed - aide-commonUnixCIS Debian Linux 11 Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installed - aide-commonUnixCIS Ubuntu Linux 22.04 LTS Workstation L1 v1.0.0
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Debian 8 Server L1 v2.0.2
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.1
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Amazon Linux 2 v2.0.0 L1
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Amazon Linux 2023 Server L1 v1.0.0
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Debian 8 Workstation L1 v2.0.2
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation
1.3.2 Ensure filesystem integrity is regularly checked - cronUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.3.2 Ensure filesystem integrity is regularly checked - cronUnixCIS Fedora 28 Family Linux Server L1 v2.0.0
1.3.2 Ensure filesystem integrity is regularly checked - cronUnixCIS Rocky Linux 9 Workstation L1 v1.0.0