CoreOS 4.x - Audit and Accountability

Control responses for NIST 800-53 rev4.

NOTE: All CoreOS content is under active development through the ComplianceAsCode Project. Do not consider this content production ready!

Requirements Traceability Matrix

Control Name Status
AU-1 Audit And Accountability Policy And Procedures

not applicable

AU-2 Audit Events
AU-2 (1) Compilation Of Audit Records From Multiple Sources
AU-2 (2) Selection Of Audit Events By Component
AU-2 (3) Reviews And Updates
AU-2 (4) Privileged Functions
AU-3 Content Of Audit Records
AU-3 (1) Additional Audit Information
AU-3 (2) Centralized Management Of Planned Audit Record Content
AU-4 Audit Storage Capacity
AU-4 (1) Transfer To Alternate Storage
AU-5 Response To Audit Processing Failures
AU-5 (1) Audit Storage Capacity
AU-5 (2) Real-Time Alerts
AU-5 (3) Configurable Traffic Volume Thresholds
AU-5 (4) Shutdown On Failure
AU-6 Audit Review, Analysis, And Reporting
AU-6 (1) Process Integration
AU-6 (2) Automated Security Alerts
AU-6 (3) Correlate Audit Repositories
AU-6 (4) Central Review And Analysis
AU-6 (5) Integration / Scanning And Monitoring Capabilities
AU-6 (6) Correlation With Physical Monitoring
AU-6 (7) Permitted Actions
AU-6 (8) Full Text Analysis Of Privileged Commands
AU-6 (9) Correlation With Information From Nontechnical Sources
AU-6 (10) Audit Level Adjustment
AU-7 Audit Reduction And Report Generation
AU-7 (1) Automatic Processing
AU-7 (2) Automatic Sort And Search
AU-8 Time Stamps
AU-8 (1) Synchronization With Authoritative Time Source
AU-8 (2) Secondary Authoritative Time Source
AU-9 Protection Of Audit Information
AU-9 (1) Hardware Write-Once Media
AU-9 (2) Audit Backup On Separate Physical Systems / Components
AU-9 (3) Cryptographic Protection
AU-9 (4) Access By Subset Of Privileged Users
AU-9 (5) Dual Authorization
AU-9 (6) Read Only Access
AU-10 Non-Repudiation
AU-10 (1) Association Of Identities
AU-10 (2) Validate Binding Of Information Producer Identity
AU-10 (3) Chain Of Custody
AU-10 (4) Validate Binding Of Information Reviewer Identity
AU-10 (5) Digital Signatures
AU-11 Audit Record Retention
AU-11 (1) Long-Term Retrieval Capability
AU-12 Audit Generation
AU-12 (1) System-Wide / Time-Correlated Audit Trail
AU-12 (2) Standardized Formats
AU-12 (3) Changes By Authorized Individuals
AU-13 Monitoring For Information Disclosure
AU-13 (1) Use Of Automated Tools
AU-13 (2) Review Of Monitored Sites
AU-14 Session Audit
AU-14 (1) System Start-Up
AU-14 (2) Capture/Record And Log Content
AU-14 (3) Remote Viewing / Listening
AU-15 Alternate Audit Capability
AU-16 Cross-Organizational Auditing
AU-16 (1) Identity Preservation
AU-16 (2) Sharing Of Audit Information