STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AU-9 (3) — Protection of Audit Information

CCI-001496

Definition

Implement cryptographic mechanisms to protect the integrity of audit tools.

Parent Control

AU-9 (3)Protection of Audit InformationAudit and Accountability

Linked STIG Checks (41)

V-279070CAT IIColdFusion must be configured to support integration with a third-party Security Information and Event Management (SIEM) to support notifications.Adobe ColdFusion Security Technical Implementation Guide V-274026CAT IIAmazon Linux 2023 must use cryptographic mechanisms to protect the integrity of audit tools.Amazon Linux 2023 Security Technical Implementation Guide V-268555CAT IThe macOS system must ensure System Integrity Protection is enabled.Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-277165CAT IThe macOS system must ensure System Integrity Protection (SIP) is enabled.Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-222508CAT IIApplication audit tools must be cryptographically hashed.Application Security and Development Security Technical Implementation Guide V-222509CAT IIThe integrity of the audit tools must be validated by checking the files for changes in the cryptographic hash value.Application Security and Development Security Technical Implementation Guide V-204776CAT IIThe application server must use cryptographic mechanisms to protect the integrity of log tools.Application Server Security Requirements Guide V-219336CAT IIThe Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-238303CAT IIThe Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-260586CAT IIUbuntu 22.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools.Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-270831CAT IIUbuntu 24.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools.Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide V-269545CAT IIAlmaLinux OS 9 must use cryptographic mechanisms to protect the integrity of audit tools.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-233142CAT IIThe container platform must use cryptographic mechanisms to protect the integrity of audit tools.Container Platform Security Requirements Guide V-203682CAT IThe operating system must use cryptographic mechanisms to protect the integrity of audit tools.General Purpose Operating System Security Requirements Guide V-215251CAT IIAIX must verify the hash of audit tools.IBM AIX 7.x Security Technical Implementation Guide V-205530CAT IIThe Mainframe Product must use cryptographic mechanisms to protect the integrity of audit tools.Mainframe Product Security Requirements Guide V-254187CAT INutanix AOS must use cryptographic mechanisms to protect the integrity of audit tools.Nutanix AOS 5.20.x OS Security Technical Implementation Guide V-279574CAT INutanix OS must use cryptographic mechanisms to protect the integrity of audit tools.Nutanix Acropolis GPOS Security Technical Implementation Guide V-221652CAT IThe Oracle Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.Oracle Linux 7 Security Technical Implementation Guide V-248810CAT IIOL 8 must use cryptographic mechanisms to protect the integrity of audit tools.Oracle Linux 8 Security Technical Implementation Guide V-271569CAT IIOL 9 must use cryptographic mechanisms to protect the integrity of audit tools.Oracle Linux 9 Security Technical Implementation Guide V-252846CAT IIRancher MCM must allocate audit record storage and generate audit records associated with events, users, and groups.Rancher Government Solutions Multi-Cluster Manager Security Technical Implementation Guide V-256908CAT IIAutomation Controller must use cryptographic mechanisms to protect the integrity of log tools.Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide V-280978CAT IRHEL 10 must use cryptographic mechanisms to protect the integrity of audit tools.Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-204392CAT IThe Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.Red Hat Enterprise Linux 7 Security Technical Implementation Guide V-230475CAT IIRHEL 8 must use cryptographic mechanisms to protect the integrity of audit tools.Red Hat Enterprise Linux 8 Security Technical Implementation Guide V-258137CAT IIRHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257522CAT IIAll audit records must generate the event results within OpenShift.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-275673CAT IUbuntu OS must use cryptographic mechanisms to protect the integrity of audit tools.Riverbed NetIM OS Security Technical Implementation Guide V-261406CAT IISLEM 5 file integrity tool must be configured to protect the integrity of the audit tools.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-217152CAT IIThe SUSE operating system file integrity tool must be configured to protect the integrity of the audit tools.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-216285CAT IISystem packages must be configured with the vendor-provided files, permissions, and ownerships.Solaris 11 SPARC Security Technical Implementation Guide V-216050CAT IISystem packages must be configured with the vendor-provided files, permissions, and ownerships.Solaris 11 X86 Security Technical Implementation Guide V-253023CAT IITOSS must use cryptographic mechanisms to protect the integrity of audit tools.Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide V-282534CAT IITOSS 5 must use cryptographic mechanisms to protect the integrity of audit tools.Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide V-239590CAT IIThe SLES for vRealize must use cryptographic mechanisms to protect the integrity of audit tools.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-256447CAT IIThe ESXi host must implement Secure Boot enforcement.VMware vSphere 7.0 ESXi Security Technical Implementation Guide V-256525CAT IIThe Photon operating system package files must not be modified.VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide V-258741CAT IIThe ESXi host must enable Secure Boot.VMware vSphere 8.0 ESXi Security Technical Implementation Guide V-258839CAT IThe Photon operating system must use cryptographic mechanisms to protect the integrity of audit tools.VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide V-207431CAT IIThe VMM must use cryptographic mechanisms to protect the integrity of audit tools.Virtual Machine Manager Security Requirements Guide