Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must notify an organizationally defined list of incident response personnel of suspicious events.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000259-IDPS-000242 | SRG-NET-000259-IDPS-000242 | SRG-NET-000259-IDPS-000242_rule | Medium |
| Description |
|---|
| Monitoring outbound traffic enables the network operator to detect an attack towards another network with the local enclave as the base. When a compromise, potential compromise, or breach has been discovered by the intrusion detection system, it is critical the appropriate personnel are notified via an alert mechanism. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43414_chk ) |
|---|
| Inspect the alerts configured on the IDS or IPS. Verify the sensors are configured to alert the various individuals when specific events (as defined by the organization) are detected. If the IDPS is not configured to alert specific individuals when suspicious events are detected, this is a finding. |
| Fix Text (F-43414_fix) |
|---|
| Implement alerts to notify specific individuals when suspicious events are detected. |