The network device must respond to security function anomalies in accordance with organizationally defined responses and alternative actions.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000268-NDM-000180	SRG-NET-000268-NDM-000180	SRG-NET-000268-NDM-000180_rule		Medium

Description
Verification of security functionality is necessary to ensure the system's defenses are enabled. These anomalies are detected by running self-tests on each component in the network device. For those security functions that are not able to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. Upon detection of security function anomalies or failure of automated self-tests, the network device must respond in accordance with organizationally defined responses and alternative actions. If security functionality is not verified, the system could become compromised without the knowledge of the system administrators. If automated self-tests are not available for all devices, then implement one of the following alternatives: (i) Document the risk as accepted. (ii) Provide and document manual testing procedures.

Description

Verification of security functionality is necessary to ensure the system's defenses are enabled. These anomalies are detected by running self-tests on each component in the network device. For those security functions that are not able to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. Upon detection of security function anomalies or failure of automated self-tests, the network device must respond in accordance with organizationally defined responses and alternative actions. If security functionality is not verified, the system could become compromised without the knowledge of the system administrators. If automated self-tests are not available for all devices, then implement one of the following alternatives: (i) Document the risk as accepted. (ii) Provide and document manual testing procedures.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000268-NDM-000180_chk )
Verify automated self-tests are configured to take action if a network device failure is detected. If the system is not configured to respond to security function anomalies in accordance with organizationally defined responses and alternative actions, this is a finding.

Fix Text (F-SRG-NET-000268-NDM-000180_fix)
Enable automation self-test failure action (e.g., state change, alerts, or alarms) for the network device.