STIGQter: STIG Summary: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide Version: 2 Release: 6 Benchmark Date: 24 Jul 2020:

The IDPS must protect against or limit the effects of known and unknown types of Denial of Service (DoS) attacks by employing rate-based attack prevention behavior analysis.

DISA Rule

SV-69591r1_rule

Vulnerability Number

V-55345

Group Title

SRG-NET-000362-IDPS-00196

Rule Version

SRG-NET-000362-IDPS-00196

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

Configure the IDPS to protect against or limit the effects of known and unknown types of DoS attacks by employing rate-based attack prevention behavior analysis.

Check Contents

Verify the IDPS protects against or limits the effects of known and unknown types of DoS attacks by employing rate-based attack prevention behavior analysis.

If the device does not protect against or limit the effects of known and unknown types of DoS attacks by employing rate-based attack prevention behavior analysis, this is a finding.

Vulnerability Number

V-55345

Documentable

False

Rule Version

SRG-NET-000362-IDPS-00196

Severity Override Guidance

Verify the IDPS protects against or limits the effects of known and unknown types of DoS attacks by employing rate-based attack prevention behavior analysis.

If the device does not protect against or limit the effects of known and unknown types of DoS attacks by employing rate-based attack prevention behavior analysis, this is a finding.

Check Content Reference

M

Target Key

2358

Comments