Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-65883 | TMDS-00-000080 | SV-80373r1_rule | Medium |
Description |
---|
Without the capability to capture, record, and log all content related to a user session, investigations into suspicious user activity would be hampered. This requirement does not apply to applications that do not have a concept of a user session (e.g., calculator). |
STIG | Date |
---|---|
Trend Micro Deep Security 9.x Security Technical Implementation Guide | 2016-02-26 |
Check Text ( C-66531r1_chk ) |
---|
Review the Trend Deep Security server configuration to ensure the capability for authorized users to capture, record, and log all content related to a user session is provided. Verify the following events within the Administration >> System Settings >> System Events, are set to “Record.” 600 User Signed In 601 User Signed Out 602 User Timed Out 603 User Locked Out 608 User Session Validation Failed 610 User Session Validated If these settings are not set to “Record”, this is a finding. |
Fix Text (F-71959r1_fix) |
---|
Configure the Trend Deep Security server to provide the capability for authorized users to capture, record, and log all content related to a user session. Go to Administration >> System Settings >> System Events, and set the following settings to “Record.” 600 User Signed In 601 User Signed Out 602 User Timed Out 603 User Locked Out 608 User Session Validation Failed 610 User Session Validated |