STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AU-9 — Protection of Audit Information

CCI-001493

Definition

Protect audit tools from unauthorized access.

Parent Control

AU-9Protection of Audit InformationAudit and Accountability

Linked STIG Checks (170)

V-279037CAT IIIThe ColdFusion file ownership and permissions must be restricted to prevent unauthorized access to log tools.Adobe ColdFusion Security Technical Implementation Guide V-274026CAT IIAmazon Linux 2023 must use cryptographic mechanisms to protect the integrity of audit tools.Amazon Linux 2023 Security Technical Implementation Guide V-274101CAT IIAmazon Linux 2023 audit tools must have a mode of "0755" or less permissive.Amazon Linux 2023 Security Technical Implementation Guide V-274102CAT IIAmazon Linux 2023 audit tools must be owned by root.Amazon Linux 2023 Security Technical Implementation Guide V-274103CAT IIAmazon Linux 2023 audit tools must be group-owned by root.Amazon Linux 2023 Security Technical Implementation Guide V-222948CAT II$CATALINA_HOME/bin folder permissions must be set to 750.Apache Tomcat Application Server 9 Security Technical Implementation Guide V-252534CAT IIThe macOS system must enable System Integrity Protection.Apple macOS 12 (Monterey) Security Technical Implementation Guide V-257240CAT IThe macOS system must enable System Integrity Protection.Apple macOS 13 (Ventura) Security Technical Implementation Guide V-268432CAT IIThe macOS system must configure audit log files to not contain access control lists (ACLs).Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268433CAT IIThe macOS system must configure the audit log folder to not contain access control lists (ACLs).Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268456CAT IIThe macOS system must configure audit log files to be owned by root.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268457CAT IIThe macOS system must configure audit log folders to be owned by root.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268458CAT IIThe macOS system must configure the audit log files group to wheel.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268459CAT IIThe macOS system must configure the audit log folders group to wheel.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268460CAT IIThe macOS system must configure audit log files to mode 440 or less permissive.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268461CAT IIThe macOS system must configure audit log folders to mode 700 or less permissive.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268462CAT IIThe macOS system must be configured to audit all deletions of object attributes.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268463CAT IIThe macOS system must be configured to audit all changes of object attributes.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268464CAT IIThe macOS system must be configured to audit all failed read actions on the system.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268465CAT IIThe macOS system must be configured to audit all failed write actions on the system.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268473CAT IIThe macOS system must configure audit_control group to wheel.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268474CAT IIThe macOS system must configure audit_control owner to root.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268475CAT IIThe macOS system must configure audit_control owner to mode 440 or less permissive.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-268555CAT IThe macOS system must ensure System Integrity Protection is enabled.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-269095CAT IIThe macOS system must configure audit_control to not contain access control lists (ACLs).Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-277040CAT IIThe macOS system must configure audit log files to not contain access control lists (ACLs).Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277041CAT IIThe macOS system must configure the audit log folder to not contain access control lists (ACLs).Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277063CAT IIThe macOS system must configure audit log files to be owned by root.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277064CAT IIThe macOS system must configure audit log folders to be owned by root.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277065CAT IIThe macOS system must configure the audit log files group to wheel.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277066CAT IIThe macOS system must configure the audit log folders group to wheel.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277067CAT IIThe macOS system must configure audit log files to mode 440 or less permissive.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277068CAT IIThe macOS system must configure audit log folders to mode 700 or less permissive.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277069CAT IIThe macOS system must be configured to audit all deletions of object attributes.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277070CAT IIThe macOS system must be configured to audit all changes of object attributes.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277071CAT IIThe macOS system must be configured to audit all failed read actions on the system.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277072CAT IIThe macOS system must be configured to audit all failed write actions on the system.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277080CAT IIThe macOS system must configure audit_control group to wheel.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277081CAT IIThe macOS system must configure audit_control owner to root.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277082CAT IIThe macOS system must configure audit_control owner to mode 440 or less permissive.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277083CAT IIThe macOS system must configure audit_control to not contain access control lists (ACLs).Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-277165CAT IThe macOS system must ensure System Integrity Protection (SIP) is enabled.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-204939CAT IIThe ALG must protect audit tools from unauthorized access.Application Layer Gateway Security Requirements Guide V-222503CAT IIThe application must protect audit tools from unauthorized access.Application Security and Development Security Technical Implementation Guide V-204735CAT IIThe application server must protect log tools from unauthorized access.Application Server Security Requirements Guide V-272627CAT IIICylanceON-PREM must be configured to use a third-party identity provider.Arctic Wolf CylanceON-PREM Security Technical Implementation Guide V-276014CAT IAx-OS must off-load audit records onto a different system or media than the system being audited.Axonius Federal Systems Ax-OS Security Technical Implementation Guide V-237358CAT IIThe CA API Gateway must protect audit tools from unauthorized access.CA API Gateway ALG Security Technical Implementation Guide V-219195CAT IIThe Ubuntu operating system must configure audit tools with a mode of 0755 or less permissive.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-219196CAT IIThe Ubuntu operating system must configure audit tools to be owned by root.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-219197CAT IIThe Ubuntu operating system must configure the audit tools to be group-owned by root.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-238300CAT IIThe Ubuntu operating system must configure audit tools with a mode of 0755 or less permissive.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-238301CAT IIThe Ubuntu operating system must configure audit tools to be owned by root.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-238302CAT IIThe Ubuntu operating system must configure the audit tools to be group-owned by root.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-260492CAT IIUbuntu 22.04 LTS must configure audit tools with a mode of "755" or less permissive.Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-260507CAT IIUbuntu 22.04 LTS must configure audit tools to be owned by "root".Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-270821CAT IIUbuntu 24.04 LTS must configure audit tools with a mode of "0755" or less permissive.Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide V-270822CAT IIUbuntu 24.04 LTS must configure audit tools to be owned by root.Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide V-270823CAT IIUbuntu 24.04 LTS must configure the audit tools to be group owned by root.Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide V-221917CAT IIThe Central Log Server must protect audit tools from unauthorized access.Central Log Server Security Requirements Guide V-269541CAT IIAlmaLinux OS 9 audit tools must be group-owned by root.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269542CAT IIAlmaLinux OS 9 audit tools must be owned by root.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269543CAT IIAlmaLinux OS 9 audit tools must have a mode of 0755 or less permissive.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-233059CAT IIThe container platform must protect audit tools from unauthorized access.Container Platform Security Requirements Guide V-233607CAT IIPostgreSQL must protect its audit features from unauthorized access.Crunchy Data PostgreSQL Security Technical Implementation Guide V-261878CAT IIPostgreSQL must protect its audit features from unauthorized access.Crunchy Data Postgres 16 Security Technical Implementation Guide V-206541CAT IIThe DBMS must protect its audit features from unauthorized access.Database Security Requirements Guide V-224151CAT IIThe EDB Postgres Advanced Server must protect its audit features from unauthorized access.EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide V-213582CAT IIThe EDB Postgres Advanced Server must protect its audit features from unauthorized access.EDB Postgres Advanced Server v9.6 Security Technical Implementation Guide V-259231CAT IIThe EDB Postgres Advanced Server must protect its audit features from unauthorized access.EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide V-217394CAT IIThe BIG-IP appliance must be configured to protect audit tools from unauthorized access.F5 BIG-IP Device Management Security Technical Implementation Guide V-215752CAT IIThe BIG-IP Core implementation must be configured to protect audit tools from unauthorized access.F5 BIG-IP Local Traffic Manager Security Technical Implementation Guide V-278388CAT IINGINX must protect audit information from unauthorized access.F5 NGINX Security Technical Implementation Guide V-234186CAT IIThe FortiGate device must protect audit tools from unauthorized access.Fortinet FortiGate Firewall NDM Security Technical Implementation Guide V-203672CAT IIThe operating system must protect audit tools from unauthorized access.General Purpose Operating System Security Requirements Guide V-268256CAT IIThe HYCU virtual appliance must protect audit tools from unauthorized access, modification, and deletion.HYCU Protege Security Technical Implementation Guide V-215248CAT IIAIX audit tools must be owned by root.IBM AIX 7.x Security Technical Implementation Guide V-215249CAT IIAIX audit tools must be group-owned by audit.IBM AIX 7.x Security Technical Implementation Guide V-215250CAT IIAIX audit tools must be set to 4550 or less permissive.IBM AIX 7.x Security Technical Implementation Guide V-252560CAT IIThe IBM Aspera Console must protect audit tools from unauthorized access.IBM Aspera Platform 4.2 Security Technical Implementation Guide V-213685CAT IIDB2 must protect its audit features from unauthorized access.IBM DB2 V10.5 LUW Security Technical Implementation Guide V-65077CAT IIThe DataPower Gateway must protect audit tools from unauthorized access.IBM DataPower Network Device Management Security Technical Implementation Guide V-250329CAT IIThe WebSphere Liberty Server must protect log tools from unauthorized access.IBM WebSphere Liberty Server Security Technical Implementation Guide V-255851CAT IIThe WebSphere Application Server wsadmin file must be protected from unauthorized access.IBM WebSphere Traditional V9.x Security Technical Implementation Guide V-223554CAT IIIBM z/OS SMF collection files (i.e., SYS1.MANx) access must be limited to appropriate users and/or batch jobs that perform SMF dump processing.IBM z/OS ACF2 Security Technical Implementation Guide V-223701CAT IIIBM z/OS must limit access for SMF collection files (i.e., SYS1.MANx) to appropriate users and/or batch jobs that perform SMF dump processing.IBM z/OS RACF Security Technical Implementation Guide V-223881CAT IIIBM z/OS must limit access for SMF collection files (i.e., SYS1.MANx) to appropriate users and/or batch jobs that perform SMF dump processing.IBM z/OS TSS Security Technical Implementation Guide V-237931CAT IICA VM:Secure product SECURITY CONFIG file must be restricted to appropriate personnel.IBM zVM Using CA VM:Secure Security Technical Implementation Guide V-258600CAT IThe ICS must be configured to prevent nonprivileged users from executing privileged functions.Ivanti Connect Secure NDM Security Technical Implementation Guide V-253898CAT IIThe Juniper EX switch must be configured to protect audit tools from unauthorized access.Juniper EX Series Switches Network Device Management Security Technical Implementation Guide V-213823CAT IIAudit tools used in, or in conjunction with, SQL Server must be protected from unauthorized access.MS SQL Server 2014 Instance Security Technical Implementation Guide V-205480CAT IIThe Mainframe Product must protect audit tools from unauthorized access.Mainframe Product Security Requirements Guide V-253682CAT IIMariaDB must protect its audit features from unauthorized access.MariaDB Enterprise 10.x Security Technical Implementation Guide V-220352CAT IIMarkLogic Server must protect its audit features from unauthorized access.MarkLogic Server v9 Security Technical Implementation Guide V-255330CAT IIThe audit information produced by Azure SQL Database must be protected from unauthorized read access.Microsoft Azure SQL Database Security Technical Implementation Guide V-276299CAT IIAzure SQL Managed Instance must protect its audit configuration from unauthorized access, modification, and deletion.Microsoft Azure SQL Managed Instance Security Technical Implementation Guide V-271283CAT IISQL Server must protect its audit configuration from authorized and unauthorized access and modification.Microsoft SQL Server 2022 Instance Security Technical Implementation Guide V-221162CAT IIMongoDB must protect its audit features from unauthorized access.MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide V-252136CAT IIMongoDB must protect its audit features from unauthorized access.MongoDB Enterprise Advanced 4.x Security Technical Implementation Guide V-265909CAT IIMongoDB must protect its audit features from unauthorized access.MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide V-279337CAT IIMongoDB must protect its audit features from unauthorized access, modification, and removal.MongoDB Enterprise Advanced 8.x Security Technical Implementation Guide V-202042CAT IIThe network device must protect audit tools from unauthorized access.Network Device Management Security Requirements Guide V-254184CAT IINutanix AOS audit tools must be configured to 0755 or less permissive.Nutanix AOS 5.20.x OS Security Technical Implementation Guide V-279576CAT IINutanix OS must configure the audit log files to be owned by root.Nutanix Acropolis GPOS Security Technical Implementation Guide V-219764CAT IIThe DBMS must protect audit tools from unauthorized access.Oracle Database 11.2g Security Technical Implementation Guide V-220280CAT IIThe system must protect audit tools from unauthorized access.Oracle Database 12c Security Technical Implementation Guide V-270511CAT IIThe system must protect audit tools from unauthorized access, modification, or deletion.Oracle Database 19c Security Technical Implementation Guide V-248807CAT IIOL 8 audit tools must have a mode of "0755" or less permissive.Oracle Linux 8 Security Technical Implementation Guide V-248808CAT IIOL 8 audit tools must be owned by root.Oracle Linux 8 Security Technical Implementation Guide V-248809CAT IIOL 8 audit tools must be group-owned by root.Oracle Linux 8 Security Technical Implementation Guide V-271569CAT IIOL 9 must use cryptographic mechanisms to protect the integrity of audit tools.Oracle Linux 9 Security Technical Implementation Guide V-271824CAT IIOL 9 audit tools must be group-owned by root.Oracle Linux 9 Security Technical Implementation Guide V-271825CAT IIOL 9 audit tools must be owned by root.Oracle Linux 9 Security Technical Implementation Guide V-271826CAT IIOL 9 audit tools must have a mode of 0755 or less permissive.Oracle Linux 9 Security Technical Implementation Guide V-235160CAT IIThe MySQL Database Server 8.0 must protect its audit features from unauthorized access.Oracle MySQL 8.0 Security Technical Implementation Guide V-235957CAT IIOracle WebLogic must protect audit tools from unauthorized access.Oracle WebLogic Server 12c Security Technical Implementation Guide V-253524CAT IIUsers requiring access to Prisma Cloud Compute's Credential Store must be assigned and accessed by the appropriate role holders.Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide V-214141CAT IIPostgreSQL must protect its audit features from unauthorized access.PostgreSQL 9.x Security Technical Implementation Guide V-252843CAT IRancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.Rancher Government Solutions Multi-Cluster Manager Security Technical Implementation Guide V-281077CAT IIRHEL 10 must be configured so that audit tools are owned by "root".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281078CAT IIRHEL 10 must be configured so that audit tools are group-owned by "root".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281094CAT IIRHEL 10 must enforce a mode of "0755" or less permissive for audit tools.Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-230472CAT IIRHEL 8 audit tools must have a mode of 0755 or less permissive.Red Hat Enterprise Linux 8 Security Technical Implementation Guide V-230473CAT IIRHEL 8 audit tools must be owned by root.Red Hat Enterprise Linux 8 Security Technical Implementation Guide V-230474CAT IIRHEL 8 audit tools must be group-owned by root.Red Hat Enterprise Linux 8 Security Technical Implementation Guide V-257887CAT IIRHEL 9 audit tools must have a mode of 0755 or less permissive.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257924CAT IIRHEL 9 audit tools must be owned by root.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257925CAT IIRHEL 9 audit tools must be group-owned by root.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258137CAT IIRHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257534CAT IIOpenShift must prevent unauthorized changes to logon UIDs.Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide V-257535CAT IIOpenShift must protect audit tools from unauthorized access.Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide V-257534CAT IIOpenShift must prevent unauthorized changes to logon UIDs.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-257535CAT IIOpenShift must protect audit tools from unauthorized access.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-251205CAT IIRedis Enterprise DBMS must protect its audit features from unauthorized access.Redis Enterprise 6.x Security Technical Implementation Guide V-275586CAT IIUbuntu OS must configure audit tools with a mode of "755" or less permissive.Riverbed NetIM OS Security Technical Implementation Guide V-275601CAT IIUbuntu OS must configure audit tools to be owned by "root".Riverbed NetIM OS Security Technical Implementation Guide V-256079CAT IThe Riverbed NetProfiler must be configured to authenticate each administrator prior to authorizing privileges based on roles.Riverbed NetProfiler Security Technical Implementation Guide V-261419CAT IISLEM 5 audit tools must have the proper permissions configured to protect against unauthorized access.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-261420CAT IISLEM 5 audit tools must have the proper permissions applied to protect against unauthorized access.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-217203CAT IIThe SUSE operating system audit tools must have the proper permissions configured to protect against unauthorized access.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-22370CAT IIISystem audit tool executables must be owned by root.SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide V-22371CAT IIISystem audit tool executables must be group-owned by root, bin, sys, or system.SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide V-22372CAT IIISystem audit tool executables must have mode 0750 or less permissive.SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide V-22373CAT IIISystem audit tool executables must not have extended ACLs.SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide V-216282CAT IIThe operating system must protect audit tools from unauthorized access.Solaris 11 SPARC Security Technical Implementation Guide V-216047CAT IIThe operating system must protect audit tools from unauthorized access.Solaris 11 X86 Security Technical Implementation Guide V-221935CAT IISplunk Enterprise installation directories must be secured.Splunk Enterprise 7.x for Windows Security Technical Implementation Guide V-251672CAT IISplunk Enterprise installation directories must be secured.Splunk Enterprise 8.x for Linux Security Technical Implementation Guide V-279251CAT IThe Edge SWG must be configured to use at least two authentication servers for the purpose of authenticating users prior to granting administrative access.Symantec Edge SWG NDM Security Technical Implementation Guide V-94677CAT IISymantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized access.Symantec ProxySG NDM Security Technical Implementation Guide V-241025CAT IIThe Tanium Server must protect audit tools from unauthorized access, modification, or deletion.Tanium 7.0 Security Technical Implementation Guide V-234069CAT IIThe Tanium application must prohibit user installation of software without explicit privileged status.Tanium 7.3 Security Technical Implementation Guide V-254902CAT IIThe Tanium application must prohibit user installation, modification, or deletion of software without explicit privileged status.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-253831CAT IIThe Tanium application must prohibit user installation, modification, or deletion of software without explicit privileged status.Tanium 7.x Security Technical Implementation Guide V-241127CAT IITrend Deep Security must protect audit tools from unauthorized access.Trend Micro Deep Security 9.x Security Technical Implementation Guide V-253022CAT IITOSS audit tools must be owned by "root".Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide V-282531CAT IITOSS 5 audit tools must have a mode of 0755 or less permissive.Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide V-282532CAT IITOSS 5 audit tools must be owned by root.Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide V-282533CAT IITOSS 5 audit tools must be group-owned by root.Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide V-282534CAT IITOSS 5 must use cryptographic mechanisms to protect the integrity of audit tools.Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide V-240291CAT IIThe vRA PostgreSQL configuration files must have the correct permissions.VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide V-239788CAT IIThe vROps PostgreSQL DB must protect its audit features from unauthorized access.VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide V-240489CAT IIThe SLES for vRealize must protect audit tools from unauthorized access.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-239582CAT IIThe SLES for vRealize must protect audit tools from unauthorized access.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-256522CAT IIThe Photon operating system audit files and directories must have correct permissions.VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide V-256593CAT IIVMware Postgres configuration files must not be accessible by unauthorized users.VMware vSphere 7.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide V-258837CAT IIThe Photon operating system must protect audit tools from unauthorized access.VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide V-259168CAT IIThe vCenter PostgreSQL service configuration files must not be accessible by unauthorized users.VMware vSphere 8.0 vCenter Appliance PostgreSQL Security Technical Implementation Guide V-207421CAT IIThe VMM must protect audit tools from unauthorized access.Virtual Machine Manager Security Requirements Guide V-269576CAT IIXylok Security Suite must protect audit information from any type of unauthorized access.Xylok Security Suite 20.x Security Technical Implementation Guide