The organization must coordinate the Call Detail Record (CDR) function with other organizational entities requiring CDR information to help guide the selection of CDR events.

From Voice Video Policy Security Technical Implementation Guide

Part of SRG-POL-300142

Associated with: CCI-000124

VVSP-01-000031_rule The organization must coordinate the Call Detail Record (CDR) function with other organizational entities requiring CDR information to help guide the selection of CDR events.

Vulnerability discussion

An event is any observable occurrence in an organizational information system. Organizations identify audit events as events that are significant and relevant to the security of information systems and the environments in which those systems operate in order to meet specific and ongoing audit needs.For Voice Video systems, session events produce CDRs used for traffic and forensic analysis. The CDR contains the who, what, where, when, and how for the Voice Video elements handling signaling and media traffic. The loss or alteration of these records could allow an adversary to perform attacks undetected.

Check content

Review the CDR policy to confirm the organization coordinates the CDR function with other organizational entities requiring CDR information to help guide the selection of CDR events. If the organization does not coordinate the CDR function with other organizational entities requiring CDR information, this is a finding.

Fix text

Develop and document in the CDR policy the methods used by the organization to coordinate the CDR function with other organizational entities requiring CDR information to help guide the selection of CDR events.

Pro Tips

Powered by sagemincer