ob Reon 1.2F | Primary DNS Server TBD Pass:(] | Fait: ] 1.26 | Secondary ONS Sener | TBD Pass: | Fak] USA Campbell Sensor 2 1.2 [Management IP Address | BD Pass:C] | Fal: 7.28 | Subnet Mask TBD Pass:O | Fai] 1.26 | Default Gateway TBD Pass] _| Fait] 12D | Hostname TBD Pass) | Falk) 7.2E | Remote Management Port _| TBD Pass:L | Fait) 1.2F | Primary DNS Server TBD Pass:L | Fait] 1.26 | Secondary ONS Sever [TBD Pass: _| Fait: USA Alameda Sensor-t 12a [Management iP Address | TBD Pass:O | Fai) 1.28 | Subnet Mask TBD Pass] _| Fait: 1.26 | Default Gateway TBD. PassL) | Falk) 7.20 | Hostname TED Pass:L)_| Fai: 1.2 | Remote Management Pot _| TBD Pass: | Fai 1.2F | Primary DNS Server TBD Pass:O | Fai] 126 | Secondary ONS Sener | TBD Pass: Fait) USA Alameda Sensor2 12a [ManagementiP Address | TBD Pass:O | Fai] 7.28 | Subnet Mask TBD Pass:O) | Fai] 1.26 | Default Gateway TBD, Pass: | Fai 7.20 | Hostname TBD Pass O | Fat) 126 | Remote Management Port | TBD Pass: | Fai 1.2F | Primary DNS Server TBD Pass:C | Fait] 1.26 | Secondary ONS Sener [TBD Pass: | Fai Roasons for Failure: Corrective Actions: November 18 2015 [24]7 AMP NRFU (lace Highly Confidential All printed copies and duplicate soft copies are considered uncontrlled ‘andthe original online version shouldbe referred to forthe latest version Page 40 of 1126 Operating System Configuration Tests ‘The aim of these tests is to ensure that the appliances have the correct version of the Sourcefire ‘operating system installed and are using the latest patch and Snort engine applicable for the version. 6.1 FireSIGHT Management Center FS2000 Operating System Configuration Tests Table 27 FieSIGHT Management Center F52000 Operating System Configuration Test Test Test Number: 2:4 le: FireSIGHT Management Center FS2000 Operating System Configuration Test Requirements: | Verify that the appliance is running the correct version of the Sourcefire Test Purpose: | operating system and that its patched with the latest release and Snort engine ‘Appliance is installed and network connectivity established Test Appliance has been configured inline with the low level design Remote access to the appliance is available from administration client Login to the web GUI https:// Procedure: | 2. Use the local administrator account to login 3._Select Holp > About Results Fest rest: Expected Result: | Actual Result: Overall Result: 2.1A | Software Version | TBD Pass: | Fail: O] 218 | EqualtoEstate | Yes Pass) | Fail: 0 2.16 | Operating System [TBD Pass: | Fai: 21D | EqualtoEstate | Yes Pass: | Fail: 2.16 | Snort Version | 78D Pass: | Fail] 21F [EqualtoEstate | Yes Pass) | Fail: O) Reasons for Failure: Corrective Actions: November 18,2035, Caco Highly Confidential All printed copies and duplicate soft coples are considered ‘andthe original online version shouldbe referred to forthe latest version Page 41 of 112 [24]7 AMP NRFU Uncontrolled6.2 Sensor Operating System Configuration Tests Table 28 Sensor Operating System Configuration Test ae a Test Category: Software | Hostname: All Sensors Test Type: Standard Test Title: Sensor Operating System Configuration Test Test Number: 2.2 Verify that the appliance is running the correct version of the Sourcefire y operating system and that its patched with the latest release and Snort engine t Purpose: ‘Appliance is installed and network connectivity established Appliance has been configured inline with the low level design Remote access to the appliance is available from administration client Test Requirements: 1. Login to the console via SSH Q 2. Use the local administrator account to login 3. Enter expert in the expert account 4. Change directory to /ete/st Procedure: 5. Input less ims.conf 6. Verify configuration 7. Change directory eo /vaz/sf/detection_engines/ [DE reference! 8, Inputnore snort.cont 9._ Verify configuration Results Ren | Test Expected Result: | Actual Result Overall Result: ef: Bangalore BPO Sensor-1 2.1A | Software Version | 1BD Pass) | Fai O 2.16 | Operating System | TBD Pass: | Fait: 216 | SnortVersion [180 Pass) | Fait 0 Bangalore BPO Sensor-2 2.12 | Software Version | TBO Pass: | Fail: 2.16 | Operating System [78D Pass) | Fai 216 | Snort Version [MBO Pass) | Fail: LI Bangalore iLabs Sensor-1 2.12 | Software Version | TBD Passi) | Fait 2.16 | Operating System | TBD Pass: | Fail: 216 | SnortVersion [18D Pass: _| Fait O Bangalore iLabs Sensor2 Nowember 18,2015 [2417 AMP NRFU (lace Highly Confidential All printed copies and duplicate soft copies are considered uncontrlled ‘andthe original online version shouldbe referred to forthe latest version Page 42 of 112