The IDPS must notify the user of organizationally defined security related changes to the user's account occurring during the organizationally defined time period.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000052-IDPS-000068 | SRG-NET-000052-IDPS-000068 | SRG-NET-000052-IDPS-000068_rule | Low |
| Description |
|---|
| Providing users with information regarding organizationally defined security related changes to the user's account occurring during the organizationally defined time period, allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. Changes to the user account during a specific time period could be an indication of the account being compromised. Hence, without notification to the user, the compromise could go undetected. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43196_chk ) |
|---|
| Verify the system is configured to notify the user of organizationally defined security related changes to the user's account occurring during the organizationally defined time period by logging on using both the GUI and SSH interfaces. If the system does not notify the user of organizationally defined security related changes to the user's account occurring during the organizationally defined time period, this is a finding. |
| Fix Text (F-43196_fix) |
|---|
| Configure the IDPS management console GUI and SSH interface to display the organizationally defined security-related changes to the user's account occurring during the organizationally defined time period. |