The level of audit has not been established or the audit logs being collected for the devices and print spoolers are not being reviewed.

From Multifunction Device and Network Printers STIG

Part of MFD Level of Audit and Reviewing

Associated with IA controls: ECAR-3, ECAR-2, ECAT-2, ECAR-1, ECAT-1

SV-7024r2_rule The level of audit has not been established or the audit logs being collected for the devices and print spoolers are not being reviewed.

Vulnerability discussion

If inadequate information is captured in the audit, the identification and prosecution of malicious user will be very difficult. If the audits are not regularly reviewed suspicious activity may go undetected for a long time. Therefore, the level of auditing for MFDs, printers, and print spoolers must be defined and personnel identified to review the audit logs.

Check content

Obtain and review the organization's MFD and printer security policy. If the level of auditing has not been established, this is a finding. If personnel have not been identified to regularly review MFD, printer, and print spooler logs, this is a finding.

Fix text

Define the level of auditing and identify personnel responsible for reviewing audit logs of MFDs, printers, and print spoolers.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.