Detections
Analytics

800-53|AU-9(3)

Title

CRYPTOGRAPHIC PROTECTION

Description

The information system implements cryptographic mechanisms to protect the integrity of audit information and audit tools.

Supplemental

Cryptographic mechanisms used for protecting the integrity of audit information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash.

Reference Item Details

Related: AU-10,SC-12,SC-13

Category: AUDIT AND ACCOUNTABILITY

Parent Title: PROTECTION OF AUDIT INFORMATION

Family: AUDIT AND ACCOUNTABILITY

Baseline Impact: HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
4.1.1.5 Ensure audit logs on seperate system are encrypted.UnixCIS Amazon Linux 2 STIG v1.0.0 L3
5.1 - Storage Administrative System Auditing - Log Forwarding protocol tcp-encryptedNetapp_APINetApp Security Hardening Guide for ONTAP 9 v1.7.0
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor valuesUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-002028 - AIX must verify the hash of audit tools.UnixDISA STIG AIX 7.x v2r9
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Catalina v1.5.0 - All Profiles
Ensure 'snmp-server group' is set to 'v3 priv'Cisco_FirepowerTenable Cisco Firepower Threat Defense Best Practices Audit
ESXI-70-000095 - The ESXi host must implement Secure Boot enforcement.UnixDISA STIG VMware vSphere 7.0 ESXi OS v1r2
F5BI-DM-000087 - The BIG-IP appliance must be configured to use NIAP evaluated cryptographic mechanisms to protect the integrity of audit information at rest.F5DISA F5 BIG-IP Device Management STIG v2r3
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - configUnixDISA STIG Solaris 10 X86 v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - configUnixDISA STIG Solaris 10 SPARC v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - usedUnixDISA STIG Solaris 10 SPARC v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - usedUnixDISA STIG Solaris 10 X86 v2r4
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents.UnixDISA STIG for Oracle Linux 5 v2r1
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Protect Audit Integrity with Cryptographic MechanismsUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
OL07-00-010010 - The Oracle Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.UnixDISA Oracle Linux 7 STIG v2r14
OL08-00-030650 - OL 8 must use cryptographic mechanisms to protect the integrity of audit tools.UnixDISA Oracle Linux 8 STIG v1r8