CounterACT must enable Threat Protection notifications to alert security personnel to Cyber events detected by a CounterACT IAW CJCSM 6510.01B.

From ForeScout CounterACT NDM Security Technical Implementation Guide

Part of SRG-APP-000516-NDM-000333

Associated with: CCI-000366 CCI-001274

SV-90905r1_rule CounterACT must enable Threat Protection notifications to alert security personnel to Cyber events detected by a CounterACT IAW CJCSM 6510.01B.

Vulnerability discussion

CJCSM 6510.01B, "Cyber Incident Handling Program", in subsection e.(6)(c) sets forth requirements for Cyber events detected by an automated system. By immediately displaying an alarm message, potential security violations can be identified more quickly even when administrators are not logged into the network device.

Check content

Verify Threat Protection notifications are enabled and configured.

1. Select Tools >> Options >> Threat Protection.
2. At the bottom of the Threat Protection pane, select "Customer" and then select the "Notify" tab.
3. Verify the Maximum emails per day is set to "15" and infected host notification is set to 1 hour.

If CounterACT does not enable Threat Protection notifications to alert security personnel to Cyber events detected by a CounterACT IAW CJCSM 6510.01B, this is a finding.

Fix text

Enable and configure Threat Protection notifications.

1. Select Tools >> Options >> Threat Protection.
2. At the bottom of the Threat Protection pane, select "Customer" and then select the "Notify" tab.
3. Modify the Maximum emails per day to "15" and infected host notification to 1 hour.
