Title

Applications must provide automated support for the management of distributed security testing. (Cat II impact)

Discussion

The need to verify security functionality applies to all security functions. For those security functions that are not able to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. Information system transitional states include: startup, restart, shutdown, and abort. Rationale for non-applicability: The MDM SRG addresses automated support for the management of distributed security testing.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-46984r1_rule

Vulnerability ID: V-35697

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.