800-53|AU-9(3)

Title

CRYPTOGRAPHIC PROTECTION

Description

The information system implements cryptographic mechanisms to protect the integrity of audit information and audit tools.

Supplemental

Cryptographic mechanisms used for protecting the integrity of audit information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash.

Reference Item Details

Related: AU-10, SC-12, SC-13

Category: AUDIT AND ACCOUNTABILITY

Parent Title: PROTECTION OF AUDIT INFORMATION

Family: AUDIT AND ACCOUNTABILITY

Baseline Impact: HIGH

Audit Items


Name | Plugin | Audit Name
1.1 UBTU-24-90890 | Unix | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.115 UBTU-22-651030 | Unix | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.139 APPL-14-005001 | Unix | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT I
1.274 OL08-00-030650 | Unix | CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.354 RHEL-09-651025 | Unix | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
5.1 - Storage Administrative System Auditing - Log Forwarding protocol tcp-encrypted | Netapp_API | NetApp Security Hardening Guide for ONTAP 9 v1.7.0
6.1.4 Ensure AIDE is configured to use cryptographic mechanisms to protect the integrity of audit tools | Unix | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values | Unix | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values | Unix | CIS Amazon Linux 2 STIG v2.0.0 STIG
AIX7-00-002028 - AIX must verify the hash of audit tools. | Unix | DISA STIG AIX 7.x v3r1
ALMA-09-056890 - AlmaLinux OS 9 must use cryptographic mechanisms to protect the integrity of audit tools. | Unix | DISA CloudLinux AlmaLinux OS 9 STIG v1r4
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled. | Unix | DISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled. | Unix | DISA Apple macOS 15 Sequoia STIG v1r5
APPL-26-005001 - The macOS system must ensure System Integrity Protection (SIP) is enabled. | Unix | DISA Apple macOS 26 Tahoe STIG v1r1
AZLX-23-001070 - Amazon Linux 2023 must use cryptographic mechanisms to protect the integrity of audit tools. | Unix | DISA Amazon Linux 2023 STIG v1r2
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Protect Audit Integrity with Cryptographic Mechanisms | Unix | NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Protect Audit Integrity with Cryptographic Mechanisms | Unix | NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Protect Audit Integrity with Cryptographic Mechanisms | Unix | NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - 800-171
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Integrity Protection is Enabled | Unix | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Protect Audit Integrity with Cryptographic Mechanisms | Unix | NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Protect Audit Integrity with Cryptographic Mechanisms | Unix | NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Protect Audit Integrity with Cryptographic Mechanisms | Unix | NIST macOS Catalina v1.5.0 - All Profiles
Ensure 'snmp-server group' is set to 'v3 priv' | Cisco_Firepower | Tenable Cisco Firepower Threat Defense Best Practices Audit
ESXI-70-000095 - The ESXi host must implement Secure Boot enforcement. | Unix | DISA VMware vSphere 7.0 ESXi STIG v1r4 Unix
ESXI-80-000094 - The ESXi host must enable Secure Boot. | Unix | DISA VMware vSphere 8.0 ESXi STIG v2r3 Unix
ESXi: esxi-8.secureboot | Unix | VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host
ESXi: esxi-8.secureboot-enforcement | Unix | VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host
F5BI-DM-000087 - The BIG-IP appliance must be configured to use NIAP evaluated cryptographic mechanisms to protect the integrity of audit information at rest. | F5 | DISA F5 BIG-IP Device Management STIG v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | Unix | DISA STIG Solaris 10 X86 v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | Unix | DISA STIG Solaris 10 SPARC v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - used | Unix | DISA STIG Solaris 10 SPARC v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - used | Unix | DISA STIG Solaris 10 X86 v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents. | Unix | DISA STIG for Oracle Linux 5 v2r1