STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020

Information Assurance - System Security Incidents (Identifying, Reporting, and Handling)

DISA Rule

SV-41055r3_rule

Vulnerability Number

V-31008

Group Title

Information Assurance - System Security Incidents

Rule Version

IA-03.02.01

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

A program to recognize, investigate, and report information systems security incidents, to include virus, system penetration, and classified contamination, must be established. Such a program will include written procedures that are available for employee review and will cover the topic in initial and annual security refresher training.

Check Contents

1. Check to ensure there are written procedures for identifying, reporting, and handling systems security incidents.

2. Check to ensure that procedures for handling system security incidents are included in both initial and annual (refresher) employee training.

NOTE: Applies in a tactical environment. While procedures for incident handling might not be readily available in a mobile/field location, they should be established and available at a supporting fixed headquarters facility. Field units must still be informed and knowledgeable of their responsibility to report security incidents. This knowledge can be ascertained by asking field organization leadership what they would do in a spillage or similar computer security incident.

Documentable

False

Severity Override Guidance

1. Check to ensure there are written procedures for identifying, reporting, and handling systems security incidents.

2. Check to ensure that procedures for handling system security incidents are included in both initial and annual (refresher) employee training.

NOTE: Applies in a tactical environment. While procedures for incident handling might not be readily available in a mobile/field location, they should be established and available at a supporting fixed headquarters facility. Field units must still be informed and knowledgeable of their responsibility to report security incidents. This knowledge can be ascertained by asking field organization leadership what they would do in a spillage or similar computer security incident.

Check Content Reference

M

Target Key

2506
