UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must provide notification of failed automated security tests.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000269-NDM-000181 SRG-NET-000269-NDM-000181 SRG-NET-000269-NDM-000181_rule Medium
Description
Upon detection of a failure of an automated security self-test, the network device must respond in accordance with organizationally defined responses and alternative actions. Without taking any self-healing actions or notifying an administrator, the defense of the element and the network is left vulnerable and both could be breached. If system administrators are not alerted to failed security tests, the systems' defenses could become compromised without the knowledge of the system administrators.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000269-NDM-000181_chk )
Verify alerts are enabled to notify system administrators of failed security self-tests when they occur on the network device.

If the system is not configured to provide notification of failed automated security tests, this is a finding.
Fix Text (F-SRG-NET-000269-NDM-000181_fix)
Enable notifications for failed security self-tests on the network device. Configure the notification to alert the system administrator upon failure of the self-tests.