CCI|CCI-002130

Title

The information system automatically audits account enabling actions.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
4.1.3.14 Ensure events that modify user/group information are collected - groupUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.14 Ensure events that modify user/group information are collected - gshadowUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.14 Ensure events that modify user/group information are collected - opasswdUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.14 Ensure events that modify user/group information are collected - passwdUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.3.14 Ensure events that modify user/group information are collected - shadowUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events.UnixDISA STIG AIX 7.x v2r9
AOSX-15-001003 - The macOS system must initiate session audits at system startupUnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-12-001003 - The macOS system must initiate session audits at system startupUnixDISA STIG Apple macOS 12 v1r7
APPL-13-001003 - The macOS system must produce audit records containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions.UnixDISA STIG Apple macOS 13 v1r3
ARST-ND-000150 - The Arista network device must be configured to audit all administrator activity.AristaDISA STIG Arista MLS EOS 4.2x NDM v1r1
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
CISC-ND-000880 - The Cisco router must be configured to automatically audit account enabling actions.CiscoDISA STIG Cisco IOS Router NDM v2r7
CISC-ND-000880 - The Cisco router must be configured to automatically audit account enabling actions.CiscoDISA STIG Cisco IOS XE Router NDM v2r8
CISC-ND-000880 - The Cisco switch must be configured to automatically audit account enabling actions.CiscoDISA STIG Cisco IOS Switch NDM v2r7
CISC-ND-000880 - The Cisco switch must be configured to automatically audit account enabling actions.CiscoDISA STIG Cisco IOS XE Switch NDM v2r7
CISC-ND-000880 - The Cisco switch must be configured to automatically audit account enabling actions.CiscoDISA STIG Cisco NX-OS Switch NDM v2r6
F5BI-DM-000171 - The BIG-IP appliance must be configured to automatically audit account-enabling actions.F5DISA F5 BIG-IP Device Management 11.x STIG v2r2
JUEX-NM-000380 - The Juniper EX switch must be configured to automatically audit account enabling actions.JuniperDISA Juniper EX Series Network Device Management v1r4
JUNI-ND-000870 - The Juniper router must be configured to automatically audit account enabling actions.JuniperDISA STIG Juniper Router NDM v2r3
JUSX-DM-000023 - The Juniper SRX Services Gateway must automatically generate a log event when accounts are enabled.JuniperDISA Juniper SRX Services Gateway NDM v2r1
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Enable Security AuditingUnixNIST macOS Monterey v1.0.0 - All Profiles
OL07-00-030870 - The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.UnixDISA Oracle Linux 7 STIG v2r13
OL08-00-030130 - OL 8 must generate audit records for all account creation events that affect '/etc/shadow' - /etc/shadow.UnixDISA Oracle Linux 8 STIG v1r8
OL08-00-030140 - OL 8 must generate audit records for all account creation events that affect '/etc/security/opasswd' - /etc/security/opasswd.UnixDISA Oracle Linux 8 STIG v1r8
OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect '/etc/passwd' - /etc/passwd.UnixDISA Oracle Linux 8 STIG v1r8