ob Reon
1.2F | Primary DNS Server TBD Pass:(] | Fait: ]
1.26 | Secondary ONS Sener | TBD Pass: | Fak]
USA Campbell Sensor 2
1.2 [Management IP Address | BD Pass:C] | Fal:
7.28 | Subnet Mask TBD Pass:O | Fai]
1.26 | Default Gateway TBD Pass] _| Fait]
12D | Hostname TBD Pass) | Falk)
7.2E | Remote Management Port _| TBD Pass:L | Fait)
1.2F | Primary DNS Server TBD Pass:L | Fait]
1.26 | Secondary ONS Sever [TBD Pass: _| Fait:
USA Alameda Sensor-t
12a [Management iP Address | TBD Pass:O | Fai)
1.28 | Subnet Mask TBD Pass] _| Fait:
1.26 | Default Gateway TBD. PassL) | Falk)
7.20 | Hostname TED Pass:L)_| Fai:
1.2 | Remote Management Pot _| TBD Pass: | Fai
1.2F | Primary DNS Server TBD Pass:O | Fai]
126 | Secondary ONS Sener | TBD Pass: Fait)
USA Alameda Sensor2
12a [ManagementiP Address | TBD Pass:O | Fai]
7.28 | Subnet Mask TBD Pass:O) | Fai]
1.26 | Default Gateway TBD, Pass: | Fai
7.20 | Hostname TBD Pass O | Fat)
126 | Remote Management Port | TBD Pass: | Fai
1.2F | Primary DNS Server TBD Pass:C | Fait]
1.26 | Secondary ONS Sener [TBD Pass: | Fai
Roasons for Failure:
Corrective Actions:
November 18 2015 [24]7 AMP NRFU
(lace Highly Confidential All printed copies and duplicate soft copies are considered uncontrlled
‘andthe original online version shouldbe referred to forthe latest version
Page 40 of 1126 Operating System Configuration Tests
‘The aim of these tests is to ensure that the appliances have the correct version of the Sourcefire
‘operating system installed and are using the latest patch and Snort engine applicable for the version.
6.1 FireSIGHT Management Center FS2000 Operating
System Configuration Tests
Table 27 FieSIGHT Management Center F52000 Operating System Configuration Test
Test
Test Number: 2:4
le: FireSIGHT Management Center FS2000 Operating System Configuration Test
Requirements:
| Verify that the appliance is running the correct version of the Sourcefire
Test Purpose: | operating system and that its patched with the latest release and Snort engine
‘Appliance is installed and network connectivity established
Test
Appliance has been configured inline with the low level design
Remote access to the appliance is available from administration client
Login to the web GUI https://
Procedure: | 2. Use the local administrator account to login
3._Select Holp > About
Results
Fest rest: Expected Result: | Actual Result: Overall Result:
2.1A | Software Version | TBD Pass: | Fail: O]
218 | EqualtoEstate | Yes Pass) | Fail: 0
2.16 | Operating System [TBD Pass: | Fai:
21D | EqualtoEstate | Yes Pass: | Fail:
2.16 | Snort Version | 78D Pass: | Fail]
21F [EqualtoEstate | Yes Pass) | Fail: O)
Reasons for Failure:
Corrective Actions:
November 18,2035,
Caco Highly Confidential All printed copies and duplicate soft coples are considered
‘andthe original online version shouldbe referred to forthe latest version
Page 41 of 112
[24]7 AMP NRFU
Uncontrolled6.2 Sensor Operating System Configuration Tests
Table 28 Sensor Operating System Configuration Test
ae a
Test Category: Software | Hostname: All Sensors Test Type: Standard
Test Title: Sensor Operating System Configuration Test
Test Number: 2.2
Verify that the appliance is running the correct version of the Sourcefire
y operating system and that its patched with the latest release and Snort engine
t Purpose:
‘Appliance is installed and network connectivity established
Appliance has been configured inline with the low level design
Remote access to the appliance is available from administration client
Test
Requirements:
1. Login to the console via SSH Q
2. Use the local administrator account to login
3. Enter expert in the expert account
4. Change directory to /ete/st
Procedure: 5. Input less ims.conf
6. Verify configuration
7. Change directory eo /vaz/sf/detection_engines/ [DE reference!
8, Inputnore snort.cont
9._ Verify configuration
Results
Ren | Test Expected Result: | Actual Result Overall Result:
ef:
Bangalore BPO Sensor-1
2.1A | Software Version | 1BD Pass) | Fai O
2.16 | Operating System | TBD Pass: | Fait:
216 | SnortVersion [180 Pass) | Fait 0
Bangalore BPO Sensor-2
2.12 | Software Version | TBO Pass: | Fail:
2.16 | Operating System [78D Pass) | Fai
216 | Snort Version [MBO Pass) | Fail: LI
Bangalore iLabs Sensor-1
2.12 | Software Version | TBD Passi) | Fait
2.16 | Operating System | TBD Pass: | Fail:
216 | SnortVersion [18D Pass: _| Fait O
Bangalore iLabs Sensor2
Nowember 18,2015 [2417 AMP NRFU
(lace Highly Confidential All printed copies and duplicate soft copies are considered uncontrlled
‘andthe original online version shouldbe referred to forthe latest version
Page 42 of 112