The operating system must employ automated mechanisms to alert security personnel of any organization-defined inappropriate or unusual activities with security implications.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-47945	SOL-11.1-090200	SV-60817r1_rule		Low

Description
Intrusion detection and prevention capabilities must be architected and implemented to prevent non-privileged users from circumventing such protections. This can be accomplished through the use of user roles, use of proper systems permissions, auditing, logging, etc.

STIG	Date
Solaris 11 X86 Security Technical Implementation Guide	2017-09-20

Details

Check Text ( C-50381r1_chk )
The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation. If the operator is unable to provide a documented configuration for an installed intrusion detection system or if the intrusion detection system is not properly configured, maintained or used, this is a finding.

Check Text ( C-50381r1_chk )

The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation.

If the operator is unable to provide a documented configuration for an installed intrusion detection system or if the intrusion detection system is not properly configured, maintained or used, this is a finding.

Fix Text (F-51557r1_fix)
The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation.