CCI-001686 requires notifying, as required, appropriate individuals when accounts are terminated. This can be accomplished with the audit system.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/auditing.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/auditing.xml b/rhel6/src/input/system/auditing.xml index 2be0dea..b80409a 100644 --- a/rhel6/src/input/system/auditing.xml +++ b/rhel6/src/input/system/auditing.xml @@ -497,7 +497,7 @@ that any unexpected users, groups, or modifications be investigated for legitimacy.</rationale> <ident cce="14829-6" /> <oval id="audit_rules_usergroup_modification" /> -<ref nist="AU-2(a)" disa="18,1403,1404,1405,1684,1683,1685"/> +<ref nist="AU-2(a)" disa="18,1403,1404,1405,1684,1683,1685,1686"/> </Rule> <Rule id="audit_network_modifications"> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
