The network element must prevent the installation of organization-defined critical software programs not signed with a certificate that is recognized and approved by the organization.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-27269 | SRG-NET-000121 | SV-34568r1_rule | Medium |
| Description |
|---|
| Changes to any software components of the network element can have significant effects on the overall security of the network. Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. |
| STIG | Date |
|---|---|
| Network Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |