AU-9: Protection Of Audit Information
Generated
2019-05-20 15:48:11.984914
Status
Passed
Statements
The information system protects audit information and audit tools from unauthorized access, modification, and deletion.
STIG
STIG # | Description | Result |
---|---|---|
V-72847 | The audit information produced by PostgreSQL must be protected from unauthorized modification. | passed |
V-72885 | The audit information produced by PostgreSQL must be protected from unauthorized deletion. | passed |
V-72915 | The audit information produced by PostgreSQL must be protected from unauthorized read access. | passed |
V-73039 | PostgreSQL must protect its audit features from unauthorized access. | passed |
V-73043 | PostgreSQL must protect its audit features from unauthorized removal. | passed |
V-73061 | PostgreSQL must protect its audit configuration from unauthorized modification. | passed |
Additional Guidance
Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. This control focuses on technical protection of audit information. Physical protection of audit information is addressed by media protection controls and physical and environmental protection controls.