Check: SRG-NET-000249-IDPS-00176
Intrusion Detection and Prevention Systems (IDPS) SRG:
SRG-NET-000249-IDPS-00176
(in versions v2 r6 through v2 r2)
Title
The IDPS must block malicious code. (Cat II impact)
Discussion
Configuring the IDPS to delete and/or quarantine based on local organizational incident handling procedures minimizes the impact of this code on the network.
Check Content
Verify the IDPS blocks malicious code. If the IDPS does not block malicious code, this is a finding.
Fix Text
Configure the IDPS to block malicious code.
Additional Identifiers
Rule ID: SV-45686r2_rule
Vulnerability ID: V-34762
Group Title: SRG-NET-000249-IDPS-00176
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-001243 | The organization configures malicious code protection mechanisms to perform organization-defined action(s) in response to malicious code detection. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
SI-3 | Malicious Code Protection |