>From 0248a7c1bbdc2a5250f03c6bb596f58890780a43 Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Wed, 4 Jul 2012 02:01:19 -0400 Subject: [PATCH 07/11] Updated policy mappings for audit_file_access
Mapped to CCI-000126, AU-2.1(v), and AU-2 d --- rhel6/src/input/system/auditing.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/auditing.xml b/rhel6/src/input/system/auditing.xml index f62abba..63eb5c7 100644 --- a/rhel6/src/input/system/auditing.xml +++ b/rhel6/src/input/system/auditing.xml @@ -606,7 +606,7 @@ appropriate for your system: these events could serve as evidence of potential system compromise.</rationale> <ident cce="14917-9" /> <oval id="audit_rules_unsuccessful_file_modification" /> -<ref nist="AU-2" /> +<ref nist="AU-2.1 (v),AU-2 d" disa="126" /> </Rule> <Rule id="audit_privileged_commands"> -- 1.7.1
_______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
