800-53|AU-7a.

Title

AUDIT REDUCTION AND REPORT GENERATION

Description

Supports on-demand audit review, analysis, and reporting requirements and after-the-fact investigations of security incidents; and

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: AUDIT AND ACCOUNTABILITY

Family: AUDIT AND ACCOUNTABILITY

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
AIX7-00-002036 - AIX must provide a report generation function that supports on-demand audit review and analysis, on-demand reporting requirements, and after-the-fact investigations of security incidents.	Unix	DISA STIG AIX 7.x v2r9
AOSX-13-000240 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 11 v1r5
APPL-11-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 11 v1r8
APPL-12-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 12 v1r8
APPL-13-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 13 v1r3
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-171
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
EX13-MB-000280 - The Exchange Public Store storage quota must be limited.	Windows	DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - 800-171
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - All Profiles
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Monterey v1.0.0 - CNSSI 1253
OL08-00-030180 - The OL 8 audit package must be installed.	Unix	DISA Oracle Linux 8 STIG v1r8
OL08-00-030181 - OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.	Unix	DISA Oracle Linux 8 STIG v1r8
RHEL-09-653010 - RHEL 9 audit package must be installed.	Unix	DISA Red Hat Enterprise Linux 9 STIG v1r2
RHEL-09-653015 - RHEL 9 audit service must be enabled.	Unix	DISA Red Hat Enterprise Linux 9 STIG v1r2
SLES-12-020000 - The SUSE operating system must have the auditing package installed.	Unix	DISA SLES 12 STIG v2r13
SLES-12-020010 - SUSE operating system audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.	Unix	DISA SLES 12 STIG v2r13
SLES-12-020240 - The SUSE operating system must generate audit records for all uses of the privileged functions.	Unix	DISA SLES 12 STIG v2r13
SLES-15-030050 - SUSE operating system audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.	Unix	DISA SLES 15 STIG v1r12
SLES-15-030640 - The SUSE operating system must generate audit records for all uses of the privileged functions.	Unix	DISA SLES 15 STIG v1r12
SLES-15-030650 - The SUSE operating system must have the auditing package installed.	Unix	DISA SLES 15 STIG v1r12
SOL-11.1-010060 - The audit system must support an audit reduction capability.	Unix	DISA STIG Solaris 11 SPARC v2r9
SOL-11.1-010060 - The audit system must support an audit reduction capability.	Unix	DISA STIG Solaris 11 X86 v2r9
SOL-11.1-010070 - The audit system records must be able to be used by a report generation capability.	Unix	DISA STIG Solaris 11 SPARC v2r9
SOL-11.1-010070 - The audit system records must be able to be used by a report generation capability.	Unix	DISA STIG Solaris 11 X86 v2r9

Detections

Analytics

800-53|AU-7a.

Title

Description

Reference Item Details

Audit Items