Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must take an organizationally defined list of least-disruptive actions to terminate suspicious events.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000260-IDPS-000241 | SRG-NET-000260-IDPS-000241 | SRG-NET-000260-IDPS-000241_rule | Medium |
| Description |
|---|
| Monitoring outbound traffic enables the network operator to detect an attack towards another network with the local enclave as the base. When a compromise, potential compromise, or breach has been discovered by the intrusion detection system, the IDPS must take action to thwart the attack using methods creating the least disruption to network availability. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43413_chk ) |
|---|
| Verify the IDPS is configured to take an organizationally defined list of least-disruptive actions to terminate suspicious events. If the IDPS is not configured to take an organizationally defined list of least-disruptive actions to terminate suspicious events, this is a finding. |
| Fix Text (F-43413_fix) |
|---|
| Configure the IDPS to take an organizationally defined list of least-disruptive actions to terminate suspicious events |