Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must use automated mechanisms to restrict the use of maintenance tools to authorized personnel only.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34689 | SRG-NET-000172-IDPS-00129 | SV-45570r1_rule | Medium |
| Description |
|---|
| This requirement addresses security-related issues associated with maintenance tools used specifically for diagnostic and repair actions on organizational information systems. Maintenance tools include hardware/software diagnostic test equipment and hardware/software packet sniffers. Maintenance tools connecting to an IDPS may contain malware or insert unauthorized capabilities; therefore, their use must be restricted to authorized personnel. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-42921r1_chk ) |
|---|
| Verify the IDPS restricts the use of maintenance tools to authorized system administrators. If the use of maintenance tools is not restricted, this is a finding. |
| Fix Text (F-38967r1_fix) |
|---|
| Configure the IDPS to restrict access to maintenance tools for the IDPS to authorized system administrators. |