GEN006560 - The system VA tool, HIDS tool, and file integrity tool must notify of a security breach or a suspected security breach.

Information

Timely notifications of potential security compromises minimize the potential damage.

Minimally, the system must log these events, and the SA and the ISSO will receive the notifications during the daily system log review. If feasible, active alerting (such as e-mail or paging) should be employed consistent with the site's established operations management systems and procedures.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure the security tools on the system to notify the IAO and SA when any security issues are detected.

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|CM-6b., 800-53|SI-4(7), CAT|II, CCI|CCI-000366, CCI|CCI-001266, Group-ID|V-12028, Rule-ID|SV-37747r2_rule, STIG-ID|GEN006560, Vuln-ID|V-12028

Plugin: Unix

Control ID: 8b9e89190800f21e5387da6ba5ea24e890df9a4ce4d94b8fecbbdc6d7f791cc2