The network element must verify the correct operation of security functions in accordance with organization-defined conditions and in accordance with organization-defined frequency (if periodic verification).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27501	SRG-NET-000267	SV-34810r1_rule		Medium

Description
The need to verify security functionality is necessary to ensure that the network element’s defense is enabled. For those security functions that are not able to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. If all security functions are not operating efficiently, the defense of the element and the network is left vulnerable and both could be breached.

Description

The need to verify security functionality is necessary to ensure that the network element’s defense is enabled. For those security functions that are not able to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. If all security functions are not operating efficiently, the defense of the element and the network is left vulnerable and both could be breached.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None