Free DISA STIG and SRG Library | Vaulted

V-71537

The CA API Gateway must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected.

Finding ID
CAGW-DM-000190
Rule ID
SV-86161r1_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-APP-000268-NDM-000274
CCI
CCI-001328
Target Key
(None)
Documentable
No
Discussion

Predictable failure prevention requires organizational planning to address device failure issues. If components key to maintaining the device's security fail to function, the device could continue operating in an insecure state. If appropriate actions are not taken when a network device failure occurs, a denial of service condition may occur which could result in mission failure since the network would be operating without a critical security monitoring and prevention function. Upon detecting a failure of network device security components, the network device must activate a system alert message, send an alarm, or shut down.

Fix Text

Install and configure (setup SNMP trap dest/authentication) alerter script in /usr/local/bin/failtest. Configure cron to run "/usr/local/bin/failtest" every minute as indicated by /etc/crontab entry

Check Content

Verify "/usr/local/bin/failtest" script exists and is executable. Verify crontab runs "/usr/local/bin/failtest" every minute by checking cron's logfile "/var/log/cron". If "/usr/local/bin/failtest" does not exist or it is not executable, this is a finding.