UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The ALG must alert the IAO, IAM, and other individuals designated by the local organization when threats identified by Category I, II, IV, and VII incidents in accordance with CJCSM 6510.01B.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000392-ALG-000143 SRG-NET-000392-ALG-000143 SRG-NET-000392-ALG-000143_rule Medium
Description
When a security event occurs, the ALG must notify the appropriate support personnel to ensure action is taken to resolve the incident. Automated mechanisms can be used to send automatic alerts or notifications. Such automatic alerts or notifications can be conveyed in a variety of ways (e.g., telephonically, via electronic mail, via text message, or via websites). CJCSM 6510.01B, “Cyber Incident Handling Program” lists nine Cyber Incident and Reportable Event Categories. Indications of a category 1, 2, 4, or 7 incident or indications of threats identified by a CTO must immediately trigger an alert to the IAO, IAM, and other authorized security personnel. Category 1 - Root Level Intrusion (Incident) Category 2 - User Level Intrusion (Incident) Category 4 - Denial of Service (Incident) Category 7 - Malicious Logic (Incident)
STIG Date
Application Layer Gateway Security Requirements Guide 2014-06-27

Details

Check Text ( C-SRG-NET-000392-ALG-000143_chk )
Verify the ALG is configured to send an alert to the IAO, IAM, and organizationally identified individuals when threats identified by Category I, II, IV, and VII incidents are detected.

If the ALG is not configured to send an alert to the IAO, IAM, and organizationally identified individuals when threats identified by Category I, II, IV, and VII incidents are detected, this is a finding.
Fix Text (F-SRG-NET-000392-ALG-000143_fix)
Configure the ALG to send an alert to the IAO, IAM, and organizationally identified individuals when threats identified by Category I, II, IV, and VII incidents are detected.