UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must employ cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34734 SRG-NET-000219-IDPS-00157 SV-45634r1_rule Medium
Description
The most common vulnerabilities with cryptographic modules are those associated with poor implementation. Using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance provides additional assurance that the cryptography has been implemented correctly. FIPS validation is a strict requirement for the use of cryptography in the Federal Government for unclassified information, as is NSA approval of cryptography for classified data and applications. This requirement applies where cryptography is required by the data owner or organizational policy to protect data in transit to or from the IDPS components or to protect data in storage on the IDPS components.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2012-11-19

Details

Check Text ( C-43000r1_chk )
Verify a FIPS-validated or NSA-approved cryptographic module is installed and configured on the IDPS components to protect transmissions and data in storage.

If FIPS-validated or NSA-approved cryptography is not used, this is a finding.
Fix Text (F-39032r1_fix)
Ensure the IDPS uses cryptographic protections which employ FIPS 140 validated or NSA approved cryptographic modules.