UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must enforce dual authorization based on organizational policies and procedures for organizationally defined privileged commands.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000016-IDPS-000035 SRG-NET-000016-IDPS-000035 SRG-NET-000016-IDPS-000035_rule Medium
Description
Dual authorization mechanisms require two forms of approval to execute. An organization may determine certain commands or IDPS configuration changes require dual-authorization before being activated. However, an organization should not employ dual authorization mechanisms when an immediate response is necessary to ensure public and environmental safety. If dual authorization is not automatically enforced by the system, system administrators would be able to change the system configuration without oversight from a second administrator when required by the site security policy. If dual authorization is a requirement for the site, this control applies to the IDPS sensor logs and other files.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text ( C-43153_chk )
Inspect the management console configuration. Verify the settings enabling dual authorization are configured. Verify these settings cannot be disabled without dual authorization.

If the IDPS settings to enable dual authorization are not enabled, this is a finding.
Fix Text (F-43153_fix)
Enable IDPS settings to require dual authorization for organizationally defined privileged commands.