
Servers do not employ Host Based Intrusion Detection (HIDS).


Overview

Finding ID: V-4027
Version: EN540
Rule ID: SV-4027r1_rule
IA Controls:
Severity: Medium
Description
Servers without a HIDS may allow unauthorized access to go undetected and limit the ability of security personnel to stop malicious or unauthorized use of the device. To ensure that an attempted or existing attack does not go unnoticed, the data from the HIDS must be monitored continuously.
STIG: DNS Policy
Date: 2018-04-05

Details

Check Text (C-4321r1_chk)
Interview the IAO to determine if there is a process and policy in place to ensure Host Based IDS is installed on all servers.

Work with the reviewers to determine compliance.

**This check applies to Enhanced Compliance Validation visits.
Fix Text (F-3960r1_fix)
The IAO will ensure all servers employ HIDS, if technically feasible. This requirement may not pertain to legacy systems and cutting-edge devices that do not yet have the capability. Documentation must exist from the vendor to approve any variance from this requirement.