UCF STIG Viewer Logo

Trend Deep Security must provide the capability for authorized users to capture, record, and log all content related to a user session.


Overview

Finding ID Version Rule ID IA Controls Severity
V-65883 TMDS-00-000080 SV-80373r1_rule Medium
Description
Without the capability to capture, record, and log all content related to a user session, investigations into suspicious user activity would be hampered. This requirement does not apply to applications that do not have a concept of a user session (e.g., calculator).
STIG Date
Trend Micro Deep Security 9.x Security Technical Implementation Guide 2016-02-26

Details

Check Text ( C-66531r1_chk )
Review the Trend Deep Security server configuration to ensure the capability for authorized users to capture, record, and log all content related to a user session is provided.

Verify the following events within the Administration >> System Settings >> System Events, are set to “Record.”
600 User Signed In
601 User Signed Out
602 User Timed Out
603 User Locked Out
608 User Session Validation Failed
610 User Session Validated

If these settings are not set to “Record”, this is a finding.
Fix Text (F-71959r1_fix)
Configure the Trend Deep Security server to provide the capability for authorized users to capture, record, and log all content related to a user session.

Go to Administration >> System Settings >> System Events, and set the following settings to “Record.”
600 User Signed In
601 User Signed Out
602 User Timed Out
603 User Locked Out
608 User Session Validation Failed
610 User Session Validated