PHTN-30-000051 - The Photon operating system package files must not be modified.

Information

Protecting the integrity of the tools used for auditing purposes is a critical step toward ensuring the integrity of audit information. Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity.

Without confidence in the integrity of the auditing system and tools, the information it provides cannot be trusted.

Solution

If the audit system binaries have been altered, the system must be taken offline and the information system security manager (ISSM) notified immediately.

Reinstalling the audit tools is not supported. The appliance should be restored from a backup or redeployed once the root cause is remediated.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_7-0_Y24M01_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-9(3), CAT|II, CCI|CCI-001496, Rule-ID|SV-256525r887249_rule, STIG-ID|PHTN-30-000051, Vuln-ID|V-256525

Plugin: Unix

Control ID: dca6e45c70a90749fc21ba77f69627bf373a81c368c51bb2d5f4ab9a318d7bbb