[Forgot Password]
Login  Register Subscribe

24003

 
 

131401

 
 

103942

 
 

909

 
 

83962

 
 

133

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90284-1

Platform: macosx10.10Date: (C)2015-06-23   (M)2018-03-17



Audit Successful and Unsuccessful Attempts to Gain Privileged Access Frequently, an attacker that successfully gains access to a system has only gained access to an account with limited privileges, such as a guest account or a service account. The attacker must attempt to change to another user account with normal or elevated privileges in order to proceed. Auditing successful and unsuccessful attempts to elevate privileges mitigates this risk.


Parameter: EXISTS/DOES NOT EXIST


Technical Mechanism: The options to configure the audit daemon are located in the /etc/security/audit_control file. To view the current settings, run the following command: sudo grep ^flags /etc/security/audit_control If the 'lo', 'ad', and 'aa' options are not set, this is a finding.

References:

Resource IdReference
NISTAU-12 c
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:25061


OVAL    1
oval:org.secpod.oval:def:25061
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_X_10_10

© 2013 SecPod Technologies