[Fed-Talk] NISPOM auditing requirements
[Fed-Talk] NISPOM auditing requirements
- Subject: [Fed-Talk] NISPOM auditing requirements
- From: Todd Heberlein <email@hidden>
- Date: Fri, 15 May 2009 11:16:54 -0700
I was looking at the auditing capability requirements in NISPOM,
Chapter 8, Section 6, and I was wondering if someone has a concrete
set of questions auditors want to see of Mac OS? For example, 8-602.a.
1.c states:
"Successful and unsuccessful accesses to security-relevant objects and
directories, including creation, open, close, modification, and
deletion."
Is there a list of "security-relevant objects" for OS X that someone
wants to prove can be detected by the auditing system?
Likewise, 8-602.b.1 include: "Individual accountability (i.e., unique
identification of each user and association of that identity with all
auditable actions taken by that individual)"
Are there particular "auditable actions" that they are interested
(e.g., a change of password), or are they interested in all possible
auditable actions (e.g., creating a Word document, going to a web
site, reading email, ...)?
Thanks,
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden