800-53|SI-4(7)

Title

AUTOMATED RESPONSE TO SUSPICIOUS EVENTS

Description

The information system notifies [Assignment: organization-defined incident response personnel (identified by name and/or by role)] of detected suspicious events and takes [Assignment: organization-defined least-disruptive actions to terminate suspicious events].

Supplemental

Least-disruptive actions may include, for example, initiating requests for human responses.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: INFORMATION SYSTEM MONITORING

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

| Name | Plugin | Audit Name |
| --- | --- | --- |
| GEN006560 - The system VA tool, HIDS tool, and file integrity tool must notify of a security breach or a suspected security breach. | Unix | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify SA and IAO. | Unix | DISA STIG AIX 5.3 v1r2 |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. | Unix | DISA STIG Solaris 10 SPARC v2r2 |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. | Unix | DISA STIG for Oracle Linux 5 v2r1 |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. | Unix | DISA STIG Solaris 10 X86 v2r2 |
| GEN006560 - The system vulnerability assessment, host-based intrusion detection, and file integrity tools must notify of a security breach. | Unix | DISA STIG AIX 6.1 v1r14 |
| NET-NAC-032 - Switchport does not shutdown on a violation | Cisco | DISA STIG Cisco Perimeter L3 Switch v8r32 |
| NET-NAC-032 - Switchport does not shutdown on a violation | Cisco | DISA STIG Cisco L2 Switch V8R27 |
| NET-NAC-032 - Switchport does not shutdown on a violation | Cisco | DISA STIG Cisco Infrastructure L3 Switch v8r29 |