800-53|AC-6(9)

Title

AUDITING USE OF PRIVILEGED FUNCTIONS

Description

The information system audits the execution of privileged functions.

Supplemental

Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse, and in doing so, help mitigate the risk from insider threats and the advanced persistent threat (APT).

Reference Item Details

Related: AU-2

Category: ACCESS CONTROL

Parent Title: LEAST PRIVILEGE

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
1.2.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
1.2.1 Ensure AIDE is installedUnixCIS Debian Linux 10 v2.0.0 L1 Server
1.2.1 Ensure AIDE is installedUnixCIS Debian Linux 10 v2.0.0 L1 Workstation
1.2.1 Ensure dm-verity is enabledUnixCIS Google Container-Optimized OS v1.2.0 L1 Server
1.3.1 Ensure AIDE is installedUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS Linux 8 Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Debian 8 Workstation L1 v2.0.2
1.21 CISC-ND-000940CiscoCIS Cisco NX OS Switch NDM STIG v1.1.0 CAT II
1.135 OL09-00-000715UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.151 SLES-15-030640UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT III
1.162 WN16-DC-000170WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.163 WN16-DC-000180WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.163 WN19-DC-000170WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.163 WN22-DC-000170WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.164 WN16-DC-000190WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.164 WN19-DC-000180WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.164 WN22-DC-000180WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.165 WN16-DC-000200WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.165 WN19-DC-000190WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.165 WN22-DC-000190WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.166 WN16-DC-000210WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.166 WN19-DC-000200WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.166 WN22-DC-000200WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.167 WN16-DC-000220WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.167 WN19-DC-000210WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.167 WN22-DC-000210WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.168 WN19-DC-000220WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.168 WN22-DC-000220WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.169 WN16-DC-000240WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.170 WN16-DC-000250WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.170 WN19-DC-000240WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.170 WN22-DC-000240WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.171 WN16-DC-000260WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.171 WN19-DC-000250WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.171 WN22-DC-000250WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.172 WN19-DC-000260WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.172 WN22-DC-000260WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.177 SOL-11.1-070250UnixCIS Solaris 11 X86 STIG v1.0.0 CAT II
1.177 UBTU-22-654230UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.179 SOL-11.1-070250UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT II
1.185 RHEL-10-500300UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.205 OL08-00-030000UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.253 ALMA-09-031920UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.254 ALMA-09-032030UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.255 ALMA-09-032140UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.256 ALMA-09-032250UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.286 OL09-00-002362UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.287 OL09-00-002363UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.288 OL09-00-002364UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II