STIGQter: STIG Summary: Active Directory Domain Security Technical Implementation Guide (STIG) Version: 2 Release: 13 Benchmark Date: 26 Apr 2019

If a VPN is used in the AD implementation, the traffic must be inspected by the network intrusion detection system (IDS).

DISA Rule

SV-30994r3_rule

Vulnerability Number

V-8523

Group Title

IDS Visibility of Directory VPN Data Transport

Rule Version

DS00.4140_AD

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Replace the VPN solution or reconfigure it so that directory data is inspected by a network or host-based IDS.

Check Contents

1. Interview the site representative. Ask about the location of the domain controllers.

2. If domain controllers are not located in multiple enclaves, then this check is not applicable.

3. If domain controllers are located in multiple enclaves and a VPN is not used, then this check is not applicable.

4. If domain controllers are located in multiple enclaves and a VPN is used, review the site network diagram(s) with the SA, NSO, or network reviewer as required to determine if the AD network traffic is visible to a network or host IDS.

5. If the AD network traffic is not visible to a network or host IDS, then this is a finding.

Documentable

False

Severity Override Guidance

1. Interview the site representative. Ask about the location of the domain controllers.

2. If domain controllers are not located in multiple enclaves, then this check is not applicable.

3. If domain controllers are located in multiple enclaves and a VPN is not used, then this check is not applicable.

4. If domain controllers are located in multiple enclaves and a VPN is used, review the site network diagram(s) with the SA, NSO, or network reviewer as required to determine if the AD network traffic is visible to a network or host IDS.

5. If the AD network traffic is not visible to a network or host IDS, then this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

870

Comments