Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-12028 | GEN006560 | SV-37747r2_rule | ECAT-1 ECAT-2 | Medium |
Description |
---|
Timely notifications of potential security compromises minimize the potential damage. Minimally, the system must log these events, and the SA and the ISSO will receive the notifications during the daily system log review. If feasible, active alerting (such as e-mail or paging) should be employed consistent with the site's established operations management systems and procedures. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2015-06-12 |
Check Text ( C-36944r1_chk ) |
---|
For each security tool on the system, determine if the tool is configured to notify the IAO and SA of any detected security problem. If such notifications are not configured, this is a finding. |
Fix Text (F-32209r1_fix) |
---|
Configure the security tools on the system to notify the IAO and SA when any security issues are detected. |