STIGQter: STIG Summary: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide Version: 2 Release: 6 Benchmark Date: 24 Jul 2020:

The IDPS must produce audit records containing information to establish the outcome of events associated with detected harmful or potentially harmful traffic, including, at a minimum, capturing all associated communications traffic.

DISA Rule

SV-45386r2_rule

Vulnerability Number

V-34544

Group Title

SRG-NET-000078-IDPS-00063

Rule Version

SRG-NET-000078-IDPS-00063

Severity

CAT II

CCI(s)

CCI-000134 - The information system generates audit records containing information that establishes the outcome of the event.

Weight

Fix Recommendation

Configure the IDPS components to ensure entries sent to the audit log include, at a minimum, capturing all associated communications traffic.

Check Contents

Verify the entries sent to the audit log include, at a minimum, capturing all associated communications traffic.

If the audit log event records do not include, at a minimum, capturing all associated communications traffic, this is a finding.

The IDPS must produce audit records containing information to establish the outcome of events associated with detected harmful or potentially harmful traffic, including, at a minimum, capturing all associated communications traffic.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments