Title

Applications that are designed and intended to address incident response scenarios must provide a configurable capability to automatically disable an information system if any of the organization defined security violations are detected. (Cat II impact)

Discussion

When responding to a security incident a capability must exist allowing authorized personnel to disable a particular system if the system exhibits a security violation and the organization determines an action is warranted. Organizations shall define a list of security violations that warrant an immediate disabling of a system. Rationale for non-applicability: The MDM SRG covers the ability to disable a mobile device in the event of a security incident.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-46794r1_rule

Vulnerability ID: V-35507

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.