800-53|MA-4(1)(a)

Title

AUDITING AND REVIEW

Description

Audits nonlocal maintenance and diagnostic sessions [Assignment: organization-defined audit events]; and

Reference Item Details

Category: MAINTENANCE

Family: MAINTENANCE

Audit Items

View all Reference Audit Items

NamePluginAudit Name
4.1.3.8 Ensure changes to system administration scope (sudoers) is collected - sudoersUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.10 Ensure use of privileged commands is collectedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - creat EACCES 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - creat EACCES 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - creat EPERM 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - creat EPERM 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - ftruncate EACCES 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - ftruncate EACCES 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - ftruncate EPERM 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - ftruncate EPERM 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - open EACCES 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - open EACCES 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - open EPERM 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - open EPERM 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EACCES 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EACCES 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EPERM 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EPERM 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - truncate EACCES 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - truncate EACCES 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - truncate EPERM 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - truncate EPERM 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.13 Ensure login and logout events are collected - faillockUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.13 Ensure login and logout events are collected - lastlogUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.15 Ensure all uses of the passwd command are audited.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.16 Ensure auditing of the unix_chkpwd commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.17 Ensure audit of the gpasswd commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.18 Ensure audit all uses of chageUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.19 Ensure audit all uses of the chsh command.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.20 Ensure audit the umount commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.21 Ensure audit of postdrop commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.22 Ensure audit of postqueue command.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.23 Ensure audit ssh-keysign command.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.24 Ensure audit of crontab commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.26 Ensure audit of the rmdir syscall - 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.26 Ensure audit of the rmdir syscall - 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.27 Ensure audit of unlink syscall - 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.27 Ensure audit of unlink syscall - 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.28 Ensure audit unlinkat syscall - 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.28 Ensure audit unlinkat syscall - 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.33 Ensure audit of semanage commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.34 Ensure audit of the setsebool command.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.35 Ensure audit of the chcon commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.36 Ensure audit of the userhelper commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.37 Ensure audit of the mount command and syscallUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.37 Ensure audit of the mount command and syscall - 32 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.37 Ensure audit of the mount command and syscall - 64 bitUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.38 Ensure audit of the su commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.39 Ensure audit of setfiles commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.40 Ensure audit all uses of the newgrp commandUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG