Check: SRG-MPOL-049
Mobile Policy SRG:
SRG-MPOL-049
(in version v1 r2)
Title
The organization must ensure WIDS sensor scan results are saved for at least 6 months (one year recommended). (Cat III impact)
Discussion
If organizations do not maintain scan logs, it cannot be determined if intrusion detection findings are isolated and harmless events, or a more sustained, methodical attack on the system.
Check Content
Verify the organization has saved its scan results for at least 6 months (one year recommended), viewing one of the older logs to validate the practice. If the organization is not saving the wireless IDS scan results, or is saving them for less than 6 months, this is a finding.
Fix Text
Maintain the results of wireless IDS sensor scan results for at least 6 months.
Additional Identifiers
Rule ID:
Vulnerability ID: V-35967
Group Title:
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001334 |
The organization requires that unclassified mobile devices used in facilities containing information systems processing, storing, or transmitting classified information and the information stored on those devices be subject to random reviews and inspections by organization-defined security officials. |
Controls
| Number | Title |
|---|---|
| AC-19 (4) |
Restrictions For Classified Information |