Title

The operating system must fail to a secure state if system initialization fails, shutdown fails, or aborts fail. (Cat II impact)

Discussion

Failure to a known safe state helps prevent systems from failing to a state that may cause loss of data or unauthorized access to system resources. Operating systems that fail suddenly and with no incorporated failure state planning may leave the system available but with a reduced security protection capability. Preserving operating system state information also facilitates system restart and return to the operational mode of the organization with less disruption to mission-essential processes. Abort refers to stopping a program or function before it has finished naturally. The term abort refers to both requested and unexpected terminations.

Check Content

Verify the operating system fails to a secure state if system initialization fails, shutdown fails, or aborts fail. If it does not, this is a finding.

Fix Text

Configure the operating system to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

Additional Identifiers

Rule ID: SV-203660r557227_rule

Vulnerability ID: V-203660

Group Title: SRG-OS-000184

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.