V-38566: The audit system must be configured to audit failed attempts to access files and programs.
---------------------------------------------------------------------------------------------------

Unsuccessful attempts to access files could be an indicator of malicious
activity on a system. Auditing these events could serve as evidence of
potential system compromise.

Details: `V-38566 in STIG Viewer`_.

.. _V-38566 in STIG Viewer: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-05-26/finding/V-38566

Notes for deployers
~~~~~~~~~~~~~~~~~~~

.. include:: developer-notes/V-38566.rst