CCI-000374 requires employing automated mechanisms to respond to unauthorized changes to org-defined configuration settings. The audit system can be used for this purpose.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/auditing.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/auditing.xml b/rhel6/src/input/system/auditing.xml index b80409a..f60081d 100644 --- a/rhel6/src/input/system/auditing.xml +++ b/rhel6/src/input/system/auditing.xml @@ -354,7 +354,7 @@ After reviewing all the rules, reading the following sections, and editing as needed, the new rules can be activated as follows: <pre># service auditd restart</pre> </description> -<ref disa="171,172,1115,1454,1487,1571,1589,880,347,85,1274,1356" /> +<ref disa="171,172,1115,1454,1487,1571,1589,880,347,85,1274,1356,374" /> <Group id="audit_time_rules"> <title>Records Events that Modify Date and Time Information</title> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
