STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

The Intrusion Detection and Prevention System (IDPS) configuration must be backed up before applying software or signature updates, or when making changes to the configuration.

DISA Rule

SV-20045r2_rule

Vulnerability Number

V-18510

Group Title

Backups are not taken before updates

Rule Version

NET-IDPS-031

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Establish backup procedures and define directories to store the configuration settings and operating system versions.

Check Contents

Interview the SA to determine the IDPS maintenance procedures as well as have SA display the backup files saved on the file server.

If the IDPS configuration is not backed up prior to applying software or signature updates, or when making changes to the configuration, this is a finding.

Vulnerability Number

V-18510

Documentable

False

Rule Version

NET-IDPS-031

Severity Override Guidance

Interview the SA to determine the IDPS maintenance procedures as well as have SA display the backup files saved on the file server.

If the IDPS configuration is not backed up prior to applying software or signature updates, or when making changes to the configuration, this is a finding.

Check Content Reference

M

Target Key

838

Comments