The Central Log Server must map the authenticated identity to the individual user or group account for PKI-based authentication.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-206480 | SRG-APP-000177 | SRG-APP-000177-AU-002650 | SV-206480r961044_rule | 2024-12-04 | 3 |
| Description |
|---|
| Without mapping the certificate used to authenticate to the user account, the ability to determine the identity of the individual user or group will not be available for forensic analysis. |
| ℹ️ Check |
|---|
| Examine the configuration. Verify the Central Log Server is configured to map the authenticated identity to the individual user or group account for PKI-based authentication. If the Central Log Server is not configured to map the authenticated identity to the individual user or group account for PKI-based authentication, this is a finding. |
| ✔️ Fix |
|---|
| Configure the Central Log Server to map the authenticated identity to the individual user or group account for PKI-based authentication. |