Detections
Analytics

800-53|AU-10

Title

NON-REPUDIATION

Description

The information system protects against an individual (or process acting on behalf of an individual) falsely denying having performed [Assignment: organization-defined actions to be covered by non-repudiation].

Supplemental

Types of individual actions covered by non-repudiation include, for example, creating information, sending and receiving messages, approving information (e.g., indicating concurrence or signing a contract). Non-repudiation protects individuals against later claims by: (i) authors of not having authored particular documents; (ii) senders of not having transmitted messages; (iii) receivers of not having received messages; or (iv) signatories of not having signed documents. Non-repudiation services can be used to determine if information originated from a particular individual, or if an individual took specific actions (e.g., sending an email, signing a contract, approving a procurement request) or received specific information. Organizations obtain non-repudiation services by employing various techniques or mechanisms (e.g., digital signatures, digital message receipts).

Reference Item Details

Related: SC-12,SC-13,SC-16,SC-17,SC-23,SC-8

Category: AUDIT AND ACCOUNTABILITY

Family: AUDIT AND ACCOUNTABILITY

Priority: P2

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.3 SQLD-22-000500MS_SQLDBCIS Microsoft SQL Server 2022 Database STIG v1.0.0 CAT II
1.4 IBMW-LS-000040UnixCIS IBM WebSphere Liberty Server STIG v1.0.0 CAT II
1.4 SQLD-22-000600MS_SQLDBCIS Microsoft SQL Server 2022 Database STIG v1.0.0 CAT II
1.4 VCEM-80-000014UnixCIS VMware vSphere 8.0 vCenter Appliance ESX Agent Manager EAM STIG v1.0.0 CAT II
1.4 VCLU-80-000014UnixCIS VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v1.0.0 CAT II
1.4 VCPF-80-000014UnixCIS VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v1.0.0 CAT II
1.4 VCST-80-000014UnixCIS VMware vSphere 8.0 vCenter Appliance Secure Token Service STS STIG v1.0.0 CAT II
1.4 VCUI-80-000014UnixCIS VMware vSphere 8.0 vCenter Appliance User Interface UI STIG v1.0.0 CAT II
1.5 SQLI-22-004000MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.6 SQLI-22-004100MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.7 O19C-00-001700OracleDBCIS Oracle Database 19c STIG v1.1.0 CAT III
1.7 SQLI-22-004200MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.7 VCSA-80-000060VMwareCIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.8 SQLI-22-004250MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.9 CISC-ND-000210CiscoCIS Cisco NX OS Switch NDM STIG v1.0.0 CAT II
1.9 CISC-ND-000210CiscoCIS Cisco IOS Switch NDM STIG v1.1.0 CAT II
1.9 CISC-ND-000210CiscoCIS Cisco IOS XE Switch NDM STIG v1.1.0 CAT II
1.24 SOL-11.1-010350UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT III
1.24 SOL-11.1-010350UnixCIS Solaris 11 X86 STIG v1.0.0 CAT III
2.58 (L1) Ensure 'Incognito mode availability' is set to 'Enabled: Incognito mode disabled'WindowsCIS Google Chrome Group Policy v1.0.0 L1
5.2 (L2) Ensure 'Incognito mode availability' is set to 'Enabled: Incognito mode disabled'WindowsCIS Google Chrome L2 v3.0.0
AMLS-NM-000170 - The Arista Multilayer Switch must protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.AristaDISA STIG Arista MLS DCS-7000 Series NDM v1r4
ARST-ND-000150 - The Arista network device must be configured to audit all administrator activity.AristaDISA Arista MLS EOS 4.X NDM STIG v2r2
ARST-ND-000150 - The Arista network device must be configured to audit all administrator activity.AristaDISA STIG Arista MLS EOS 4.2x NDM v2r1
Big Sur - Non-RepudiationUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Non-RepudiationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
CASA-ND-000210 - The Cisco ASA must be configured to protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.CiscoDISA STIG Cisco ASA NDM v2r4
Catalina - Non-RepudiationUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Non-RepudiationUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
CD12-00-009700 - PostgreSQL must protect against a user falsely repudiating having performed organization-defined actions.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
CISC-ND-000210 - The Cisco device must be configured to audit all administrator activity.CiscoDISA Cisco IOS XE Switch NDM STIG v3r6
CISC-ND-000210 - The Cisco device must be configured to audit all administrator activity.CiscoDISA Cisco IOS Switch NDM STIG v3r7
CISC-ND-000210 - The Cisco device must be configured to audit all administrator activity.CiscoDISA Cisco IOS Router NDM STIG v3r7
CISC-ND-000210 - The Cisco device must be configured to audit all administrator activity.CiscoDISA Cisco IOS XE Router NDM STIG v3r7
CISC-ND-000210 - The Cisco switch must be configured to protect against an individual falsely denying having performed organization-defined actions to be covered by non-repudiation.CiscoDISA Cisco NX OS Switch NDM STIG v3r6
DB2X-00-000500 - DB2 must protect against a user falsely repudiating having performed organization-defined actions - audit policies usedIBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-000500 - DB2 must protect against a user falsely repudiating having performed organization-defined actions - database policiesIBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-000500 - DB2 must protect against a user falsely repudiating having performed organization-defined actions - table policiesIBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccessUnixDISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member accessUnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DTBC-0030 - Incognito mode must be disabled.WindowsDISA Google Chrome Current Windows STIG v2r11
DTBC-0045 - Session only based cookies must be enabled.WindowsDISA Google Chrome Current Windows STIG v2r11
DTBI780 - InPrivate Browsing must be disallowed.WindowsDISA STIG Microsoft Internet Explorer 9 v1r15
DTBI780-IE11 - InPrivate Browsing must be disallowed.WindowsDISA STIG IE 11 v2r7
EDGE-00-000005 - InPrivate mode must be disabled.WindowsDISA STIG Edge v2r3
EDGE-00-000005 - InPrivate mode must be disabled.WindowsDISA Microsoft Edge STIG v2r5
EDGE-00-000033 - Browser history must be saved.WindowsDISA Microsoft Edge STIG v2r5
EDGE-00-000033 - Browser history must be saved.WindowsDISA STIG Edge v2r3
EDGE-00-000067 - Session only-based cookies must be enabled.WindowsDISA Microsoft Edge STIG v2r5