
The IDPS must use cryptography to protect the integrity of audit tools.


Overview

Finding ID: V-34587
Version: SRG-NET-000107-IDPS-00078
Rule ID: SV-45450r1_rule
IA Controls: none listed
Severity: Low
Description
Audit tools provide services, such as audit reduction, reporting, or analysis. Without mechanisms, such as a signed hash using asymmetric cryptography, the integrity of the collected data garnered from these tools is not fully protected. Mechanisms, such as a signed hash using asymmetric cryptography, must be used to protect the integrity of the audit tools used for audit reduction and reporting. Audit tools integrated into the IDPS must use cryptographic mechanisms to protect and store audit information transmitted or stored by these tools.
STIG: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide
Date: 2012-11-19

Details

Check Text (C-42799r2_chk)
If audit tools are not installed on the IDPS, this is not a finding.

Examine the configuration of audit tools installed on the management console.
Verify the cryptographic module is configured to use an asymmetric hashing algorithm which uses asymmetric cryptography (e.g., SHA-2 or MD5) for audit tools.

If audit tools installed on the management console are not configured to use hashing algorithms which use asymmetric cryptography, this is a finding.
Fix Text (F-38847r1_fix)
Configure audit tools installed on the IDPS management console/server to use hashing algorithms which use asymmetric cryptography for audit tools.
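
Added example (not part of the SRG or of any vendor's tooling): one way to apply the "signed hash using asymmetric cryptography" mechanism from the Description, using the openssl CLI to sign the SHA-256 digest of each audit tool with an RSA key and to report any tool that is modified or unsigned. The key, tool and directory names are constructed for the demo, and SHA-256 is chosen here as a member of the SHA-2 family named in the Check Text.

```shell
#!/bin/sh
# Added example: signed hashes for audit tools, using the openssl CLI.
# Key, tool and directory names below are constructed for the demo.

# make_keypair PRIV PUB: RSA-2048 signing key and its public half.
make_keypair() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null &&
    openssl pkey -in "$1" -pubout -out "$2"
}

# sign_tool PRIV FILE: write FILE.sig, an RSA signature over SHA-256(FILE).
sign_tool() {
    openssl dgst -sha256 -sign "$1" -out "$2.sig" "$2"
}

# verify_tool PUB FILE: succeed only if FILE.sig exists and matches FILE.
verify_tool() {
    [ -f "$2.sig" ] || return 1
    openssl dgst -sha256 -verify "$1" -signature "$2.sig" "$2" >/dev/null 2>&1
}

# check_tools PUB FILE...: one status line per tool; non-zero if any fails.
check_tools() {
    pub=$1; shift; rc=0
    for tool in "$@"; do
        if verify_tool "$pub" "$tool"; then
            echo "OK $(basename "$tool")"
        else
            echo "FINDING $(basename "$tool")"; rc=1
        fi
    done
    return "$rc"
}

# demo: sign two constructed tools, tamper with one, leave a third unsigned.
demo() {
    d=$(mktemp -d) || return 1
    make_keypair "$d/signing.key" "$d/signing.pub" || return 1
    for name in audit-reduce audit-report audit-unsigned; do
        printf '#!/bin/sh\necho %s\n' "$name" > "$d/$name"
    done
    sign_tool "$d/signing.key" "$d/audit-reduce"
    sign_tool "$d/signing.key" "$d/audit-report"
    echo '# modified after signing' >> "$d/audit-report"
    check_tools "$d/signing.pub" "$d/audit-reduce" "$d/audit-report" "$d/audit-unsigned" || true
    rm -rf "$d"
}

demo
```

Only the public key needs to be present on the management console for verification; the private signing key can be kept off the system being checked.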