UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IAO/NSO will ensure that alarms are categorized by severity using the following guidelines: - Critical and major alarms are given when a condition that affects service has arisen. For a critical alarm, steps must be taken immediately in order to restore the service that has been lost completely. - A major alarm indicates that steps must be taken as soon as possible because the affected service has degraded drastically and is in danger of being lost completely. - A minor alarm indicates a problem that does not yet affect service, but may do so if the problem is not corrected. - A warning alarm is used to signal a potential problem that may affect service. - An indeterminate alarm is one that requires human intervention to decide its severity.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3047 NET1720 SV-3047r1_rule ECSC-1 Low
Description
Without the proper categories of severity levels being defined on the NMS, outages or attacks may not be responded to by order of criticality. If a critical attack or outage is not responded to first, then there will be a delay in fixing the problem, which may cause network outages to last longer than necessary or expose the network to larger more extensive attacks or outages.
STIG Date
Network Devices Security Technical Implementation Guide 2018-11-27

Details

Check Text ( C-3827r1_chk )
Request that the network engineer demonstrate the alert capabilities.
Fix Text (F-3072r1_fix)
The NSO will ensure that the NMS security alarm severity levels are configured as critical, major, minor, warning and indeterminate.