STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← AU-14 (2) — Session Audit

CCI-001462

Definition

The information system provides the capability for authorized users to capture/record and log content related to a user session.

Parent Control

AU-14 (2)Session AuditAudit and Accountability

Linked STIG Checks (17)

V-235778CAT IIThe audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.Docker Enterprise 2.x Linux/UNIX Security Technical Implementation GuideV-234159CAT IIThe FortiGate firewall must allow authorized users to record a packet-capture-based IP, traffic type (TCP, UDP, or ICMP), or protocol.Fortinet FortiGate Firewall Security Technical Implementation GuideV-65305CAT IIThe DataPower Gateway providing user access control intermediary services must provide the capability for authorized users to capture, record, and log all content related to a selected user session.IBM DataPower ALG Security Technical Implementation GuideV-255782CAT IIThe MQ Appliance messaging server must produce log records containing information to establish what type of events occurred.IBM MQ Appliance V9.0 AS Security Technical Implementation GuideV-255823CAT IIThe WebSphere Application Server audit event type filters must be configured.IBM WebSphere Traditional V9.x Security Technical Implementation GuideV-241996CAT IIIWindows Defender Firewall with Advanced Security must log successful connections when connected to a domain.Microsoft Windows Defender Firewall with Advanced Security Security Technical Implementation GuideV-242001CAT IIIWindows Defender Firewall with Advanced Security must log successful connections when connected to a private network.Microsoft Windows Defender Firewall with Advanced Security Security Technical Implementation GuideV-242008CAT IIIWindows Defender Firewall with Advanced Security must log successful connections when connected to a public network.Microsoft Windows Defender Firewall with Advanced Security Security Technical Implementation GuideV-221160CAT IIMongoDB must provide audit record generation for DoD-defined auditable events within all DBMS/database components.MongoDB Enterprise Advanced 3.x Security Technical Implementation GuideV-251762CAT IIIThe NSX-T Tier-1 Gateway Firewall must generate traffic log entries containing information to establish the details of the event.VMware NSX-T Tier 1 Gateway Firewall Security Technical Implementation GuideV-251737CAT IIIThe NSX-T Tier-0 Gateway Firewall must generate traffic log entries containing information to establish the details of the event.VMware NSX-T Tier-0 Gateway Firewall Security Technical Implementation GuideV-256648CAT IIVAMI must be configured to monitor remote access.VMware vSphere 7.0 VAMI Security Technical Implementation GuideV-256677CAT IIESX Agent Manager must record user access in a format that enables monitoring of remote access.VMware vSphere 7.0 vCenter Appliance EAM Security Technical Implementation GuideV-256710CAT IILookup Service must record user access in a format that enables monitoring of remote access.VMware vSphere 7.0 vCenter Appliance Lookup Service Security Technical Implementation GuideV-256615CAT IIPerformance Charts must record user access in a format that enables monitoring of remote access.VMware vSphere 7.0 vCenter Appliance Perfcharts Security Technical Implementation GuideV-256749CAT IIThe Security Token Service must record user access in a format that enables monitoring of remote access.VMware vSphere 7.0 vCenter Appliance STS Security Technical Implementation GuideV-256782CAT IIvSphere UI must record user access in a format that enables monitoring of remote access.VMware vSphere 7.0 vCenter Appliance UI Security Technical Implementation Guide