CCI|CCI-000169

Title

Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2 a. on organization-defined information system components.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
3.125 - Audit policy using subcategories is enabled.	Windows	DISA Windows Vista STIG v6r41
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events.	Unix	DISA STIG AIX 7.x v2r9
AOSX-13-000240 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 11 v1r8
APPL-11-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 11 v1r5
APPL-12-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 12 v1r9
APPL-13-005001 - The macOS system must enable System Integrity Protection.	Unix	DISA STIG Apple macOS 13 v1r4
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
ARST-ND-000790 - The Arista network device must be configured to capture all DOD auditable events.	Arista	DISA STIG Arista MLS EOS 4.2x NDM v2r1
AS24-U1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events - log_config_module	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events - LogFormat	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1
AS24-W1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.	Windows	DISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.	Windows	DISA STIG Apache Server 2.4 Windows Server v2r3
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-171
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Integrity Protection is Enabled	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
CD12-00-007400 - PostgreSQL must be configured to provide audit record generation for DoD-defined auditable events within all DBMS/database components.	PostgreSQLDB	DISA STIG Crunchy Data PostgreSQL DB v3r1
DB2X-00-000600 - DB2 must provide audit record generation capability for DoD-defined auditable events within all DBMS/database components	IBM_DB2DB	DISA STIG IBM DB2 v10.5 LUW v2r1 Database
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.	Unix	DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker paths	Unix	DISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker services	Unix	DISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DTBC-0005 - Extensions installation must be blocklisted by default.	Windows	DISA STIG Google Chrome v2r9
DTBC-0052 - Deletion of browser history must be disabled.	Windows	DISA STIG Google Chrome v2r9
DTBC-0053 - Prompt for download location must be enabled.	Windows	DISA STIG Google Chrome v2r9
DTBC-0055 - Download restrictions must be configured.	Windows	DISA STIG Google Chrome v2r9
DTBC-0060 - Chrome Cleanup must be disabled.	Windows	DISA STIG Google Chrome v2r9
DTBC-0061 - Chrome Cleanup reporting must be disabled.	Windows	DISA STIG Google Chrome v2r9
DTBI300-IE11 - Configuring History setting must be set to 40 days.	Windows	DISA STIG IE 11 v2r5
DTBI760-IE11 - Browser must retain history on exit.	Windows	DISA STIG IE 11 v2r5
DTBI770-IE11 - Deleting websites that the user has visited must be disallowed.	Windows	DISA STIG IE 11 v2r5
EP11-00-001000 - The EDB Postgres Advanced Server must be configured to provide audit record generation capability for DoD-defined auditable events within all EDB Postgres Advanced Server/database components.	PostgreSQLDB	EDB PostgreSQL Advanced Server v11 DB Audit v2r4

Detections

Analytics

CCI|CCI-000169

Title

Reference Item Details

Audit Items