Free DISA STIG and SRG Library | Vaulted

V-56939

The operating system must initiate session audits at system start-up.

Finding ID
SRG-OS-000254-GPOS-00095
Rule ID
SV-71199r1_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-OS-000254-GPOS-00095
CCI
CCI-001464
Target Key
(None)
Documentable
No
Discussion

If auditing is enabled late in the start-up process, the actions of some start-up processes may not be audited. Some audit systems also maintain state information only available if auditing is enabled before a given process is created.

Fix Text

Configure the operating system to initiate session audits at system start-up.

Check Content

Verify the operating system initiates session audits at system start-up. If it does not, this is a finding.