The operating system must protect information obtained from intrusion-monitoring tools from unauthorized access, modification, and deletion.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-47947 | SOL-11.1-090180 | SV-60819r1_rule | Low |
| Description |
|---|
| Intrusion detection and prevention capabilities must be architected and implemented to prevent non-privileged users from accessing, modifying, or deleting information derived from intrusion-monitoring tools. This can be accomplished through the use of user roles, use of proper systems permissions, auditing, logging, etc. |
| STIG | Date |
|---|---|
| Solaris 11 SPARC Security Technical Implementation Guide | 2017-03-02 |
Details
| Check Text ( C-50383r1_chk ) |
|---|
| The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation. If the operator is unable to provide a documented configuration for an installed intrusion detection system or if the intrusion detection system is not properly configured, maintained or used, this is a finding. |
| Fix Text (F-51559r1_fix) |
|---|
| The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation. |