Email audit trails must be reviewed daily.

From Email Services Policy STIG

Part of EMG3-037 Audit Trail Reviews

Associated with IA controls: ECAT-1

SV-20654r3_rule Email audit trails must be reviewed daily.

Vulnerability discussion

Access to email servers and software are logged to establish a history of actions taken in the system. Unauthorized access or use of the system could indicate an attempt to bypass established permissions. Reviewing the log history can lead to discovery of unauthorized access attempts. Reviewing the logs daily helps to ensure prompt attention is given to any suspicious activities discovered therein.

Check content

Review the audit trail review procedures in the EDSP. Examine artifacts of log reviews (results) and review frequency. If Audit trail review procedures and evidence of review results exist, this is not a finding.

Fix text

Document audit record review procedures in the EDSP. Implement audit record daily reviews as documented.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer