The organization must ensure WIDS sensor scan results are saved for at least one year.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-MPOL-076 | SRG-MPOL-076 | SRG-MPOL-076_rule | Low |
| Description |
|---|
| If organizations do not maintain scan logs, it cannot be determined if intrusion detection findings are isolated and harmless events, or a more sustained, methodical attack on the system. |
| STIG | Date |
|---|---|
| Mobile Policy Security Requirements Guide | 2012-10-10 |
Details
| Check Text ( C-SRG-MPOL-076_chk ) |
|---|
| Verify the organization has saved its scan results for at least one year, viewing one of the older logs to validate the practice. If the organization is not saving the wireless IDS scan results, or is saving them for less than one year, this is a finding. |
| Fix Text (F-SRG-MPOL-076_fix) |
|---|
| Maintain the results of wireless IDS sensor scan results for one year. |