FIPS 199 High Impact (for ICS) |
| Findings
Color Code |
| Satisfied |
| Other Than Satisfied - not assessed |
| Other Than Satisfied - failed
|
|
|
NIST SP 800-53A AC-02(04) .01(ii)
|
Question: Were both positive and negative test cases used in testing the add-on automated mechanism that reads the security audit log and notifies appropriate individuals of username creation, modification or disabling ? |
|
Answered by: BOSTON::HARRISON
As part of Invasive Testing group: TEST_ADD_AUTHAUDIT
|
Answer: YES
|
|
|
This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
|