The IDPS must employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34753 | SRG-NET-000239-IDPS-00173 | SV-45663r1_rule | Medium |
| Description |
|---|
| This requirement is intended to address the confidentiality and integrity of system information at rest when it is located on a secondary storage device within the IDPS. It is imperative that system data that is generated, as well as device configuration data, is protected. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-43029r1_chk ) |
|---|
| Inspect the encryption configuration. Verify encryption is automatically used for all data at rest. If the system is not configured to employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures, this is a finding. |
| Fix Text (F-39061r1_fix) |
|---|
| Open the device’s management application and navigate to the encryption configuration screen. Configure the device so encryption is automatically used for all data at rest. |