Details

A major tool in exploring the web site use, attempted use, unusual conditions and problems are the access and error logs. In the event of a security incident, these logs can provide the SA and Web

Manager with valuable information. To ensure the integrity of the log files and protect the SA and Web

Manager from a conflict of interest related to the maintenance of these files, only the members of the

Auditors group will be granted permissions to move, copy and delete these files in the course of their

duties related to the archiving of these files.

Solution

Remove the unauthorized permissions from the applicable accounts.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_WIN_V1R13_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Audit and Accountability, Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|AC-6(7)(b)
• 800-53|AU-9(4)
• 800-53|CM-6b.
• CAT|II
• CSCv6|3.1
• Rule-ID|SV-33135r1_rule
• STIG-ID|WG250_W22
• Vuln-ID|V-2252

Source

• Tenable.com/audits