Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must update malicious code protection mechanisms and rules definitions whenever new releases are available in accordance with organizational configuration management policy and procedures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34759 | SRG-NET-000246-IDPS-00175 | SV-45683r1_rule | Medium |
| Description |
|---|
| Malicious code includes viruses, worms, Trojan horses, and spyware. The code provides the ability for a malicious user to read from and write to files and folders on a computer's hard drive. It can also run and attach programs, which provide a high risk potential for the distribution of malicious mobile code. Malicious code can be transported by electronic mail, mail attachments, web accesses, and removable media. While the IDPS cannot replace anti-virus or HIDS protection installed on the network's endpoints, sensor rules can be implemented which provide preemptive defense against both known and zero day vulnerabilities. However, if sensor rules are not kept up to date, new defenses and protection against emerging threats will not be available. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-43049r1_chk ) |
|---|
| Review the configuration or system maintenance logs to verify the malicious code protection mechanisms and rules definitions are kept updated when new releases are available. If malicious code protection mechanisms and rules definitions are not kept updated, this is a finding. |
| Fix Text (F-39081r1_fix) |
|---|
| Configure the IDPS for implementing updates for sensor rules and malicious code protection mechanisms in accordance with organizational configuration management policy and procedures. |