Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-4027 | EN540 | SV-4027r1_rule | | Medium |
Description |
---|
Servers without a HID may allow unauthorized access to go undetected and limit the ability of security personnel to stop malicious or unauthorized use of the device. To ensure that an attempted or existing attack does not go unnoticed, the data from the HID must be monitored continuously. |
STIG | Date |
---|---|
DNS Policy | 2016-06-30 |
Check Text (C-4321r1_chk) |
---|
Interview the IAO to determine if there is a process and policy in place to ensure Host Based IDS is installed on all servers. Work with the reviewers to determine compliance. Note: This check applies to Enhanced Compliance Validation visits. |
Fix Text (F-3960r1_fix) |
---|
The IAO will ensure all servers employ HIDS, if technically feasible. This requirement may not pertain to legacy systems and cutting-edge devices that do not yet have the capability. Documentation must exist from the vendor to approve any variance from this requirement. |