
The IDPS must prevent access to organizationally defined security-relevant information except during secure, non-operable system states.


Overview

Finding ID: SRG-NET-000279-IDPS-000039
Version: SRG-NET-000279-IDPS-000039
Rule ID: SRG-NET-000279-IDPS-000039_rule
IA Controls:
Severity: Medium
Description
Security relevant information is any information within the information system that can potentially impact the operation of security functions in a manner that could result in failure to enforce the system security policy or maintain isolation of code and data. Organizations may define specific security relevant information that requires protection. Examples: IDPS sensor rules, cryptographic key management information, key configuration parameters for security services, and access control lists. Secure, non-operable system states are states in which the IDPS is not performing mission or business-related processing (e.g., the system is off-line for maintenance, troubleshooting, boot-up, shutdown). Access to these types of data is to be prevented unless the system is in a maintenance mode or has otherwise been brought off-line. The goal is to minimize the potential that a security configuration or data may be dynamically and perhaps maliciously overwritten or changed without going through a formal system change process that can document the changes.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text (C-43157_chk)
Verify that, when the IDPS base, sensors, and other components are off-line, the configuration files, log files, account information, and other security information are not accessible without proper authentication.

If the system does not prevent access when the system is in a state where the security policy and auditing cannot be enforced, this is a finding.

Fix Text (F-43157_fix)
Configure the management console to prevent administrator access when the audit and privilege policies cannot be enforced.