Check: SRG-NET-000249-IDPS-00176
Intrusion Detection and Prevention Systems SRG:
SRG-NET-000249-IDPS-00176
(in versions v3 r2 through v2 r2)
Title
The IDPS must block malicious code. (Cat II impact)
Discussion
Configuring the IDPS to delete and/or quarantine based on local organizational incident handling procedures minimizes the impact of this code on the network.
Check Content
Verify the IDPS blocks malicious code. If the IDPS does not block malicious code, this is a finding.
Fix Text
Configure the IDPS to block malicious code.
Additional Identifiers
Rule ID: SV-206889r383131_rule
Vulnerability ID: V-206889
Group Title: SRG-NET-000249
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-001243 |
Configure malicious code protection mechanisms to block malicious code; quarantine malicious code; and/or take organization-defined action(s) in response to malicious code detection. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| SI-3 |
Malicious Code Protection |