Sub-Requirement 11.5

11.5 Deploy file integrity monitoring software to alert personnel to unauthorized modification of critical system or content files; and configure the software to perform critical file comparisons at least weekly.

Illustrative Controls and the TIBCO LogLogic Solution

To satisfy this requirement, administrators must deploy file integrity monitoring software on in-scope systems and ensure that file comparisons are performed at least weekly. Additionally, administrators should ensure that alerts and messages from file integrity monitoring software are appropriately incorporated into incident detection, investigation, and response procedures.

Reports and Alerts

Refer TIBCO LogLogic Reports and Alerts Quick Reference to see the 11.5 reports and alerts.

Each Tripwire configuration will include critical files, data, and directories that are unique to each installation, thus no pre-configured alerts are included for Tripwire. The included Tripwire report can be used to help baseline the environment and determine which alerts are required.

Contents

Index

Search Results

Sub-Requirement 11.5

Illustrative Controls and the TIBCO LogLogic Solution

Reports and Alerts