The IPS must block malicious code.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-206889 | SRG-NET-000249-IDPS-00176 | SV-206889r1137734_rule | CCI-001243 | medium |
| Description | ||||
| Configuring the IPS to blocks, drops, and/or quarantine based on local organizational incident handling procedures minimizes the impact of this code on the network. | ||||
| STIG | Date | |||
| Intrusion Detection and Prevention Systems Security Requirements Guide | 2025-09-22 | |||
Related Frameworks
7 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
SI-3
1.00
- DISA · V3R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1715 mappings
3.14.1
1.00
- DISA · V3R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.14.2
1.00
- DISA · V3R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.14.3
1.00
- DISA · V3R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.14.4
1.00
- DISA · V3R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.14.5
1.00
- DISA · V3R4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001243
1.00
- DISA · V3R4 · disa_xccdf · related
Details
Check Text (C-206889r1137734_chk)
If the device being reviewed is an IDS, this is not applicable.
Verify the IPS blocks malicious code.
If the IPS does not block malicious code, this is a finding.
Fix Text (F-7143r1137733_fix)
Configure the IPS to block malicious code.