Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000219-IDPS-000176 | SRG-NET-000219-IDPS-000176 | SRG-NET-000219-IDPS-000176_rule | | Medium |
Description |
---|
It is imperative that the authentication process and the transmission of network management traffic use cryptographic modules adhering to the standards approved by the federal government. If approved encryption and/or hashing methods are not used during the authentication process, malicious users can gain knowledge of passwords and other configuration information by sniffing IDPS traffic on the network. FIPS-validated or NSA-approved cryptographic modules must be used by the IDPS whenever cryptographic protection is required. |
STIG | Date |
---|---|
IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Check Text (C-43320_chk) |
---|
Verify a FIPS-validated or NSA-approved cryptographic module is installed and configured on the IDPS components to protect transmissions and data in storage when required by policy. If cryptography that is not FIPS-validated or NSA-approved is used by the IDPS to protect data in transit or in storage, this is a finding. |
Fix Text (F-43320_fix) |
---|
Install and configure a FIPS-validated or NSA-approved cryptographic module on the IDPS components to protect transmissions and data in storage where required by policy. |