CCI|CCI-002664

Title

The information system alerts organization-defined personnel or roles when organization-defined compromise indicators reflect the occurrence of a compromise or a potential compromise.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - basic-threatCiscoDISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - From-addressCiscoDISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - logging severityCiscoDISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - Recipient-addressCiscoDISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - scanning-threatCiscoDISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - smtpCiscoDISA STIG Cisco ASA FW v1r2
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - enc-algorithmFortiGateDISA Fortigate Firewall STIG v1r1
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set certificateFortiGateDISA Fortigate Firewall STIG v1r1
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set modeFortiGateDISA Fortigate Firewall STIG v1r1
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set serverFortiGateDISA Fortigate Firewall STIG v1r1
PANW-AG-000118 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected.Palo_AltoDISA STIG Palo Alto ALG v2r2
PANW-AG-000119 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged access is detected - privilegedPalo_AltoDISA STIG Palo Alto ALG v2r2
PANW-AG-000120 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized non-privileged access is detected - non-privilegedPalo_AltoDISA STIG Palo Alto ALG v2r2
PANW-AG-000121 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected.Palo_AltoDISA STIG Palo Alto ALG v2r2
PANW-AG-000122 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when new active propagation of malware infecting DoD systems or malicious code adversely affecting the operations and/or security of DoD systems is detected.Palo_AltoDISA STIG Palo Alto ALG v2r2
PANW-IP-000051 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when intrusion detection events are detected which indicate a compromise or potential for compromise.Palo_AltoDISA STIG Palo Alto IDPS v2r2
PANW-IP-000052 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected.Palo_AltoDISA STIG Palo Alto IDPS v2r2
PANW-IP-000053 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged or non-privileged access is detected.Palo_AltoDISA STIG Palo Alto IDPS v2r2
PANW-IP-000055 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected.Palo_AltoDISA STIG Palo Alto IDPS v2r2
PANW-IP-000056 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when new active propagation of malware infecting DoD systems or malicious code adversely affecting the operations and/or security of DoD systems is detected.Palo_AltoDISA STIG Palo Alto IDPS v2r2
SYMP-AG-000660 - Symantec ProxySG providing content filtering must send an alert to, at a minimum, the ISSO and ISSM when detection events occur.BlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - Client limitsBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - DoS incidents are detected. RulesBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3