1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
controls:
- id: SRG-APP-000118-CTR-000240
levels:
- medium
title: {{{ full_name }}} must protect audit information from any type of unauthorized
read access.
rules:
- file_ownership_var_log_audit
- file_permissions_var_log_audit
- file_permissions_system_journal
- file_owner_system_journal
- file_groupowner_system_journal
- file_permissions_var_log
- file_owner_var_log
- file_groupowner_var_log
- file_owner_groupowner_permissions_pod_logs
related_rules:
- audit_log_forwarding_uses_tls
- audit_profile_set
- directory_permissions_var_log_kube_audit
- directory_permissions_var_log_oauth_audit
- directory_permissions_var_log_ocp_audit
status: automated
|
