The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach.

From AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE

Associated with IA controls: ECAT-2, ECAT-1

SV-41530r1_rule The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach.

Vulnerability discussion

Timely notifications of potential security compromises minimize the potential damage.Minimally, the system must log these events and the SA and the IAO will receive the notifications during the daily system log review. If feasible, active alerting (such as email or paging) should be employed consistent with the site’s established operations management systems and procedures.

Check content

For each security tool on the system, determine if the tool is configured to notify the IAO and SA of any detected security problem. If such notifications are not configured, this is a finding.

Fix text

Configure the security tools on the system to notify the IAO and SA when any security issues are detected.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.