STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:

The Bromium Enterprise Controller (BEC) must have the base policy Logging Level set to Debug.

DISA Rule

SV-95173r1_rule

Vulnerability Number

V-80469

Group Title

SRG-APP-000471

Rule Version

BROM-00-001135

Severity

CAT II

CCI(s)

• CCI-002664 - The information system alerts organization-defined personnel or roles when organization-defined compromise indicators reflect the occurrence of a compromise or a potential compromise.

Weight

10

Fix Recommendation

Enable the Debug Logging level.

1. From the management console, click on "Policies".
2. Select the base policy.
3. Select the "Manageability" tab.
4. Set the Logging level to "Debug".
5. Click "Save and Deploy".

Check Contents

Inspect the base policy for all endpoints.

1. From the management console, click on "Policies".
2. Select the base policy.
3. Select the "Manageability" tab.
4. Inspect the Logging level setting.

If the BEC base policy Logging level has not been set to "Debug", this is a finding.

Vulnerability Number

V-80469

Documentable

False

Rule Version

BROM-00-001135

Severity Override Guidance

Inspect the base policy for all endpoints.

1. From the management console, click on "Policies".
2. Select the base policy.
3. Select the "Manageability" tab.
4. Inspect the Logging level setting.

If the BEC base policy Logging level has not been set to "Debug", this is a finding.

Check Content Reference

M

Target Key

3375

Comments