The IDPS must use cryptography to protect the integrity of audit tools.


Overview

Finding ID: SRG-NET-000107-IDPS-000106
Version: SRG-NET-000107-IDPS-000106
Rule ID: SRG-NET-000107-IDPS-000106_rule
IA Controls: (none listed)
Severity: Low
Description
Audit tools provide services such as audit reduction, reporting, or analysis. Without mechanisms such as a signed hash using asymmetric cryptography, the integrity of the collected data garnered from these tools is not fully protected. Mechanisms such as a signed hash using asymmetric cryptography must be used to protect the integrity of the audit tools used for audit reduction and reporting.
STIG: IDPS Security Requirements Guide (SRG)
Date: 2012-03-08

Details

Check Text (C-43237_chk)
Examine the configuration of audit tools installed on the management console.
Verify the cryptographic module is configured to use an asymmetric hashing algorithm (e.g., SHA-2 or MD5) for audit tools.

If audit tools installed on the management console are not configured to use hashing algorithms which use asymmetric cryptography, this is a finding.
Fix Text (F-43237_fix)
Configure audit tools installed on the IDPS management console/server to use hashing algorithms which use asymmetric cryptography for audit tools.
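
The "signed hash using asymmetric cryptography" named in the Description, shown as an added Go example that is not part of the SRG or of any IDPS product: a trusted host signs a manifest of audit-tool digests, and the management console verifies the signature before trusting any digest. The choice of Ed25519 and SHA-256, the function names Release and Audit, and the tool names and contents are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// Release models the trusted build host: one "sha256  name" line per audit tool, signed as a whole.
func Release(tools map[string][]byte) (ed25519.PublicKey, []byte, []byte) {
	var lines []string
	for name, data := range tools {
		d := sha256.Sum256(data)
		lines = append(lines, hex.EncodeToString(d[:])+"  "+name)
	}
	sort.Strings(lines) // canonical order, independent of map iteration
	manifest := []byte(strings.Join(lines, "\n"))
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand; key is generated per run here
	return pub, manifest, ed25519.Sign(priv, manifest)
}

// Audit runs on the management console and names every tool that is missing or modified.
func Audit(pub ed25519.PublicKey, manifest, sig []byte, installed map[string][]byte) ([]string, error) {
	if !ed25519.Verify(pub, manifest, sig) { // digests are only trusted once the signature checks out
		return nil, fmt.Errorf("manifest signature invalid")
	}
	var bad []string
	for _, line := range strings.Split(string(manifest), "\n") {
		f := strings.SplitN(line, "  ", 2)
		if len(f) != 2 {
			return nil, fmt.Errorf("malformed manifest line %q", line)
		}
		data, ok := installed[f[1]]
		if d := sha256.Sum256(data); !ok || hex.EncodeToString(d[:]) != f[0] {
			bad = append(bad, f[1])
		}
	}
	return bad, nil
}

func main() {
	tools := map[string][]byte{"auditreduce": []byte("v1"), "report": []byte("v1")} // constructed sample
	pub, manifest, sig := Release(tools)
	tools["report"] = []byte("patched") // simulate an on-disk modification
	fmt.Println(Audit(pub, manifest, sig, tools))
}
```

In a deployment the private key stays on the signing host and only the public key is installed on the console, so write access to the console is not enough to produce a manifest that verifies.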