The IPS must block malicious code.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-206889 | SRG-NET-000249-IDPS-00176 | SV-206889r1137734_rule | CCI-001243 | medium |
| Description | ||||
| Configuring the IPS to blocks, drops, and/or quarantine based on local organizational incident handling procedures minimizes the impact of this code on the network. | ||||
| STIG | Date | |||
| Intrusion Detection and Prevention Systems Security Requirements Guide | 2025-09-22 | |||
Details
Check Text (C-206889r1137734_chk)
If the device being reviewed is an IDS, this is not applicable.
Verify the IPS blocks malicious code.
If the IPS does not block malicious code, this is a finding.
Fix Text (F-7143r1137733_fix)
Configure the IPS to block malicious code.