Check: GEN006560
Solaris 10 X86 STIG:
GEN006560
(in versions v2 r4 through v1 r17)
Title
The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. (Cat II impact)
Discussion
Timely notifications of potential security compromises minimize the potential damage. Minimally, the system must log these events and the SA and the IAO will receive the notifications during the daily system log review. If feasible, active alerting (such as email or paging) should be employed consistent with the site's established operations management systems and procedures.
Check Content
For each security tool on the system, determine if the tool is configured to notify the IAO and SA of any detected security problem. If such notifications are not configured, this is a finding.
Fix Text
Configure the security tools on the system to notify the IAO and SA when any security issues are detected.
Additional Identifiers
Rule ID: SV-220115r603266_rule
Vulnerability ID: V-220115
Group Title: SRG-OS-000480
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
| CCI-001266 |
The information system notifies an organization-defined list of incident response personnel (identified by name and/or by role) of detected suspicious events. |