CCI|CCI-002664

Title

The information system alerts organization-defined personnel or roles when organization-defined compromise indicators reflect the occurrence of a compromise or a potential compromise.

Reference Item Details

Category: 2013

Audit Items


| Name | Plugin | Audit Name |
| --- | --- | --- |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - basic-threat | Cisco | DISA STIG Cisco ASA FW v1r3 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - basic-threat | Cisco | DISA STIG Cisco ASA FW v1r4 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - basic-threat | Cisco | DISA STIG Cisco ASA FW v1r2 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - From-address | Cisco | DISA STIG Cisco ASA FW v1r3 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - From-address | Cisco | DISA STIG Cisco ASA FW v1r2 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - From-address | Cisco | DISA STIG Cisco ASA FW v1r4 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - logging severity | Cisco | DISA STIG Cisco ASA FW v1r3 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - logging severity | Cisco | DISA STIG Cisco ASA FW v1r2 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - logging severity | Cisco | DISA STIG Cisco ASA FW v1r4 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - Recipient-address | Cisco | DISA STIG Cisco ASA FW v1r2 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - Recipient-address | Cisco | DISA STIG Cisco ASA FW v1r3 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - Recipient-address | Cisco | DISA STIG Cisco ASA FW v1r4 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - scanning-threat | Cisco | DISA STIG Cisco ASA FW v1r2 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - scanning-threat | Cisco | DISA STIG Cisco ASA FW v1r3 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - scanning-threat | Cisco | DISA STIG Cisco ASA FW v1r4 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - smtp | Cisco | DISA STIG Cisco ASA FW v1r2 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - smtp | Cisco | DISA STIG Cisco ASA FW v1r3 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - smtp | Cisco | DISA STIG Cisco ASA FW v1r4 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected. - basic-threat | Cisco | DISA STIG Cisco ASA FW v1r1 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected. - From-address | Cisco | DISA STIG Cisco ASA FW v1r1 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected. - logging severity | Cisco | DISA STIG Cisco ASA FW v1r1 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected. - Recipient-address | Cisco | DISA STIG Cisco ASA FW v1r1 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected. - scanning-threat | Cisco | DISA STIG Cisco ASA FW v1r1 |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected. - smtp | Cisco | DISA STIG Cisco ASA FW v1r1 |
| JUSX-AG-000147 - The Juniper SRX Services Gateway Firewall must generate an alert that can be forwarded to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources are detected. | Juniper | DISA Juniper SRX Services Gateway ALG v2r1 |
| JUSX-AG-000150 - The Juniper SRX Services Gateway Firewall must generate an alert that can be forwarded to, at a minimum, the ISSO and ISSM when DoS incidents are detected. | Juniper | DISA Juniper SRX Services Gateway ALG v2r1 |
| JUSX-IP-000023 - The IDPS must send an alert to, at a minimum, the ISSO and ISSM when intrusion detection events are detected that indicate a compromise or potential for compromise. | Juniper | DISA Juniper SRX Services Gateway IDPS v1r2 |
| JUSX-IP-000024 - The Juniper Networks SRX Series Gateway IDPS must generate an alert to, at a minimum, the ISSO and ISSM when root-level intrusion events that provide unauthorized privileged access are detected. | Juniper | DISA Juniper SRX Services Gateway IDPS v1r2 |
| JUSX-IP-000025 - The IDPS must send an alert to, at a minimum, the ISSO and ISSM when DoS incidents are detected. | Juniper | DISA Juniper SRX Services Gateway IDPS v1r2 |
| PANW-AG-000118 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r2 |
| PANW-AG-000118 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r3 |
| PANW-AG-000118 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r4 |
| PANW-AG-000118 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r1 |
| PANW-AG-000119 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged access is detected - privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r1 |
| PANW-AG-000119 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged access is detected - privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r3 |
| PANW-AG-000119 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged access is detected - privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r4 |
| PANW-AG-000119 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged access is detected - privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r2 |
| PANW-AG-000120 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized non-privileged access is detected - non-privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r3 |
| PANW-AG-000120 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized non-privileged access is detected - non-privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r1 |
| PANW-AG-000120 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized non-privileged access is detected - non-privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r4 |
| PANW-AG-000120 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized non-privileged access is detected - non-privileged | Palo_Alto | DISA STIG Palo Alto ALG v2r2 |
| PANW-AG-000121 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r4 |
| PANW-AG-000121 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r1 |
| PANW-AG-000121 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r2 |
| PANW-AG-000121 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected. | Palo_Alto | DISA STIG Palo Alto ALG v2r3 |
| PANW-IP-000051 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when intrusion detection events are detected which indicate a compromise or potential for compromise. | Palo_Alto | DISA STIG Palo Alto IDPS v2r3 |
| PANW-IP-000051 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when intrusion detection events are detected which indicate a compromise or potential for compromise. | Palo_Alto | DISA STIG Palo Alto IDPS v2r2 |
| PANW-IP-000052 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | Palo_Alto | DISA STIG Palo Alto IDPS v2r2 |
| PANW-IP-000052 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | Palo_Alto | DISA STIG Palo Alto IDPS v2r3 |
| PANW-IP-000053 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged or non-privileged access is detected. | Palo_Alto | DISA STIG Palo Alto IDPS v2r3 |