The IDPS must support organizational requirements to conduct backups of user-level information contained in the device per organizationally defined frequency that is consistent with recovery time and recovery point objectives.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000135-IDPS-000127 | SRG-NET-000135-IDPS-000127 | SRG-NET-000135-IDPS-000127_rule | Low |
| Description |
|---|
| User information contained on an IDPS is associated to the users account and the resources the user is authorized to access. If this information becomes corrupted by hardware failures or by a malicious user, it must be restored immediately to ensure network access availability. Backing up this information is a critical step for data recovery. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43260_chk ) |
|---|
| Verify the user account and permission information is included in the backup job. Verify this information is backed up in accordance with an organizationally defined schedule. Verify the backup job is scheduled to perform automatically without system administrator intervention. Verify the backup is configured to a different system or off-line media. If user account information is not backed up periodically to a different system or off-line media, this is a finding. |
| Fix Text (F-43260_fix) |
|---|
| Configure a backup job to automatically backup the user account information on a schedule identified by the DAA or designated representative. Verify the backup is configured to direct the sensor log files to a different system or off-line media. |