STIGQter: STIG Summary: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide Version: 2 Release: 6 Benchmark Date: 24 Jul 2020:

The IDPS must provide audit record generation capability for detection events based on implementation of policy filters, rules, signatures, and anomaly analysis.

DISA Rule

SV-69565r1_rule

Vulnerability Number

V-55319

Group Title

SRG-NET-000113-IDPS-00013

Rule Version

SRG-NET-000113-IDPS-00013

Severity

CAT II

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

10

Fix Recommendation

Configure the IDPS to provide audit record generation capability for detection events based on implementation of policy filters, rules, signatures, and anomaly analysis.

Check Contents

Verify the configuration provides audit record generation capability for detection events based on implementation of policy filters, rules, signatures, and anomaly analysis.

If the IDPS does not provide audit record generation capability for detection events based on implementation of policy filters, rules, signatures, and anomaly analysis, this is a finding.

Vulnerability Number

V-55319

Documentable

False

Rule Version

SRG-NET-000113-IDPS-00013

Severity Override Guidance

Verify the configuration provides audit record generation capability for detection events based on implementation of policy filters, rules, signatures, and anomaly analysis.

If the IDPS does not provide audit record generation capability for detection events based on implementation of policy filters, rules, signatures, and anomaly analysis, this is a finding.

Check Content Reference

M

Target Key

2358

Comments