STIGQter: STIG Summary: Forescout Network Access Control Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020: STIGQter: STIG Summary: Forescout Network Access Control Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:SV-233328r615856_rule
V-233328
SRG-NET-000273-NAC-000970
FORE-NC-000210
CAT II
10
1. Log on to the Forescout UI.
2. Within the highlighted policy, under the Actions section, select "Add" or "Edit".
3. Find the Notify section and select from any one of the below options for notifying authorized (IAW SSP) personnel:
- HTTP Notification
- Send Email
- Send Notification
Verify Forescout is configured to reveal error messages only to the security personnel that need to know about the application that had the error.
1. Log on to the Forescout UI.
2. Within the highlighted policy, under the Actions section, select a configured action to view.
3. Find the Notify section and verify that only authorized individuals (IAW the SSP) are configured for the following:
- HTTP Notification
- Send Email
- Send Notification
If Forescout error messages can be viewed by unauthorized users other than the security personnel that have a need to know, this is a finding.
V-233328
False
FORE-NC-000210
Verify Forescout is configured to reveal error messages only to the security personnel that need to know about the application that had the error.
1. Log on to the Forescout UI.
2. Within the highlighted policy, under the Actions section, select a configured action to view.
3. Find the Notify section and verify that only authorized individuals (IAW the SSP) are configured for the following:
- HTTP Notification
- Send Email
- Send Notification
If Forescout error messages can be viewed by unauthorized users other than the security personnel that have a need to know, this is a finding.
M
5250