STIGQter STIGQter: STIG Summary: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide Version: 2 Release: 5 Benchmark Date: 25 Oct 2019: The IDPS must be configured to remove or disable non-essential capabilities which are not required for operation or not related to IDPS functionality (e.g., DNS, email client or server, FTP server, or web server).

DISA Rule

SV-69585r1_rule

Vulnerability Number

V-55339

Group Title

SRG-NET-000131-IDPS-00011

Rule Version

SRG-NET-000131-IDPS-00011

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove or disable non-essential capabilities from the IDPS. Removal is recommended since the service or function may be inadvertently enabled. However, if removal is not possible, disable the service or function. Document all necessary services.

Check Contents

Have the SCA display the services running on the IDPS components. Review the IDPS configuration to determine if non-essential capabilities not required for operation, or not related to IDPS functionality (e.g., DNS, email client or server, FTP server, or web server) are enabled.

If the IDPS is not configured to remove or disable non-essential capabilities which are not required for operation or not related to IDPS functionality (e.g., DNS, email client or server, FTP server, or web server), this is a finding.

Vulnerability Number

V-55339

Documentable

False

Rule Version

SRG-NET-000131-IDPS-00011

Severity Override Guidance

Have the SCA display the services running on the IDPS components. Review the IDPS configuration to determine if non-essential capabilities not required for operation, or not related to IDPS functionality (e.g., DNS, email client or server, FTP server, or web server) are enabled.

If the IDPS is not configured to remove or disable non-essential capabilities which are not required for operation or not related to IDPS functionality (e.g., DNS, email client or server, FTP server, or web server), this is a finding.

Check Content Reference

M

Target Key

2358

Comments