Theme

CCI|CCI-002664

Title

The information system alerts organization-defined personnel or roles when organization-defined compromise indicators reflect the occurrence of a compromise or a potential compromise.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2013

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - basic-threat	Cisco	DISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - From-address	Cisco	DISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - logging severity	Cisco	DISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - Recipient-address	Cisco	DISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - scanning-threat	Cisco	DISA STIG Cisco ASA FW v1r2
CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - smtp	Cisco	DISA STIG Cisco ASA FW v1r2
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - enc-algorithm	FortiGate	DISA Fortigate Firewall STIG v1r1
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set certificate	FortiGate	DISA Fortigate Firewall STIG v1r1
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set mode	FortiGate	DISA Fortigate Firewall STIG v1r1
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set server	FortiGate	DISA Fortigate Firewall STIG v1r1
PANW-AG-000118 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected.	Palo_Alto	DISA STIG Palo Alto ALG v2r2
PANW-AG-000119 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged access is detected - privileged	Palo_Alto	DISA STIG Palo Alto ALG v2r2
PANW-AG-000120 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized non-privileged access is detected - non-privileged	Palo_Alto	DISA STIG Palo Alto ALG v2r2
PANW-AG-000121 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected.	Palo_Alto	DISA STIG Palo Alto ALG v2r2
PANW-AG-000122 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when new active propagation of malware infecting DoD systems or malicious code adversely affecting the operations and/or security of DoD systems is detected.	Palo_Alto	DISA STIG Palo Alto ALG v2r2
PANW-IP-000051 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when intrusion detection events are detected which indicate a compromise or potential for compromise.	Palo_Alto	DISA STIG Palo Alto IDPS v2r2
PANW-IP-000052 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected.	Palo_Alto	DISA STIG Palo Alto IDPS v2r2
PANW-IP-000053 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged or non-privileged access is detected.	Palo_Alto	DISA STIG Palo Alto IDPS v2r2
PANW-IP-000055 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected.	Palo_Alto	DISA STIG Palo Alto IDPS v2r2
PANW-IP-000056 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when new active propagation of malware infecting DoD systems or malicious code adversely affecting the operations and/or security of DoD systems is detected.	Palo_Alto	DISA STIG Palo Alto IDPS v2r2
SYMP-AG-000660 - Symantec ProxySG providing content filtering must send an alert to, at a minimum, the ISSO and ISSM when detection events occur.	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - Client limits	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - DoS incidents are detected. Rules	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3