UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Intrusion detection and prevention capabilities must be architected and implemented to prevent non-privileged users from circumventing such protections.


Overview

Finding ID Version Rule ID IA Controls Severity
V-47951 SOL-11.1-090170 SV-60823r1_rule Low
Description
Non-privileged users must not be able to alter intrusion detection and prevention systems to ensure these systems work properly. This can be accomplished through the use of user roles, use of proper systems permissions, auditing, logging, etc.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2017-03-02

Details

Check Text ( C-50387r1_chk )
The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation.

If the operator is unable to provide a documented configuration for an installed intrusion detection system or if the intrusion detection system is not properly configured, maintained or used, this is a finding.
Fix Text (F-51563r1_fix)
The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation.