UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must automatically implement organizationally defined safeguards and countermeasures if security functions or mechanisms are changed inappropriately.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34613 SRG-NET-000124-IDPS-00091 SV-45481r1_rule Medium
Description
Changes to any software components of the IDPS can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals are allowed administrative access to the IDPS for implementing any changes or upgrades. In order to ensure a prompt response to unauthorized changes to IDPS security functions, the organizations will define the safeguards the device must undertake in the event these changes occur.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2012-11-19

Details

Check Text ( C-42832r1_chk )
This requirement is not applicable if the underlying OS provides safeguards and countermeasures for the IDPS software components.

Verify organizationally defined prevention measures (safeguards) actions (countermeasures) are configured to occur when unauthorized changes are made to the security functions and mechanisms.

If organizationally defined safeguards and countermeasures are not configured, this is a finding.
Fix Text (F-38878r1_fix)
Configure organizationally defined safeguards and countermeasures (e.g., alerts) to occur when security functions or mechanisms are inappropriately changed.