STIGhub
STIGs
RMF Controls
Compare
← AU-9 (3) — Protection of Audit Information
CCI-001350
Definition
Implement cryptographic mechanisms to protect the integrity of audit information.
Parent Control
AU-9 (3)
Protection of Audit Information
Audit and Accountability
Linked STIG Checks (18)
V-279070
CAT II
ColdFusion must be configured to support integration with a third-party Security Information and Event Management (SIEM) to support notifications.
Adobe ColdFusion Security Technical Implementation Guide
V-222507
CAT II
The application must use cryptographic mechanisms to protect the integrity of audit information.
Application Security and Development Security Technical Implementation Guide
V-204739
CAT II
The application server must use cryptographic mechanisms to protect the integrity of log information.
Application Server Security Requirements Guide
V-272632
CAT II
CylanceON-PREM must be configured to support integration with a third-party Security Information and Event Management (SIEM) to support notifications.
Arctic Wolf CylanceON-PREM Security Technical Implementation Guide
V-233063
CAT II
The container platform must use FIPS validated cryptographic mechanisms to protect the integrity of log information.
Container Platform Security Requirements Guide
V-270945
CAT II
The Dragos Platform must have disk encryption enabled on a virtual machines (VMs).
Dragos Platform 2.x Security Technical Implementation Guide
V-228987
CAT II
The BIG-IP appliance must be configured to use NIAP evaluated cryptographic mechanisms to protect the integrity of audit information at rest.
F5 BIG-IP Device Management Security Technical Implementation Guide
V-255776
CAT II
The MQ Appliance messaging server must implement cryptography mechanisms to protect the integrity of the remote access session.
IBM MQ Appliance V9.0 AS Security Technical Implementation Guide
V-250330
CAT II
The WebSphere Liberty Server must be configured to encrypt log information.
IBM WebSphere Liberty Server Security Technical Implementation Guide
V-255854
CAT II
The WebSphere Application Server must be configured to encrypt log information.
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
V-255855
CAT II
The WebSphere Application Server must be configured to sign log information.
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
V-252843
CAT I
Rancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.
Rancher Government Solutions Multi-Cluster Manager Security Technical Implementation Guide
V-257536
CAT II
OpenShift must use FIPS-validated cryptographic mechanisms to protect the integrity of log information.
Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide
V-257536
CAT II
OpenShift must use FIPS-validated cryptographic mechanisms to protect the integrity of log information.
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
V-257546
CAT I
OpenShift must protect authenticity of communications sessions with the use of FIPS-validated 140-2 or 140-3 validated cryptography.
Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide
V-216415
CAT III
The operating system must use cryptographic mechanisms to protect the integrity of audit information.
Solaris 11 SPARC Security Technical Implementation Guide
V-216178
CAT III
The operating system must use cryptographic mechanisms to protect the integrity of audit information.
Solaris 11 X86 Security Technical Implementation Guide
V-241131
CAT I
Trend Deep Security must use cryptographic mechanisms to protect the integrity of audit information.
Trend Micro Deep Security 9.x Security Technical Implementation Guide