πΌ AU-9 Protection of Audit Information
- Contextual name: πΌ AU-9 Protection of Audit Information
- ID:
/frameworks/nist-sp-800-53-r5/au/09 - Located in: πΌ AU Audit And Accountability
Descriptionβ
a. Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and b. Alert [Assignment: organization-defined personnel or roles] upon detection of unauthorized access, modification, or deletion of audit information.
Similarβ
- Sections
/frameworks/aws-fsbp-v1.0.0/cloudtrail/02/frameworks/aws-fsbp-v1.0.0/cloudtrail/04
- Internal
- ID:
dec-c-b292bd51
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ AWS Foundational Security Best Practices v1.0.0 β πΌ [CloudTrail.2] CloudTrail should have encryption at-rest enabled | 1 | |||
| πΌ AWS Foundational Security Best Practices v1.0.0 β πΌ [CloudTrail.4] CloudTrail log file validation should be enabled | 1 | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ AU-9 Protection of Audit Information (L)(M)(H) | 3 | 9 | 11 | |
| πΌ FedRAMP Low Security Controls β πΌ AU-9 Protection of Audit Information (L)(M)(H) | 11 | |||
| πΌ NIST CSF v2.0 β πΌ PR.DS-10: The confidentiality, integrity, and availability of data-in-use are protected | 67 |
Sub Sectionsβ
Policies (2)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS CloudTrail is not encrypted with KMS CMK π’ | 1 | π’ x6 |
| π AWS CloudTrail Log File Validation is not enabled π’ | 1 | π’ x6 |