STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must employ cryptographic mechanisms to ensure confidentiality and integrity of all information at rest when stored off-line.

DISA Rule

SV-204771r508029_rule

Vulnerability Number

V-204771

Group Title

SRG-APP-000231

Rule Version

SRG-APP-000231-AS-000156

Severity

CAT II

CCI(s)

• CCI-001199 - The information system protects the confidentiality and/or integrity of organization-defined information at rest.

Weight

10

Fix Recommendation

Configure the application server to employ cryptographic mechanisms to ensure confidentiality and integrity of all application server data at rest when stored off-line.

Check Contents

Review the application server configuration to ensure the system is protecting the confidentiality and integrity of all application server data at rest when stored off-line.

If the application server is not configured to protect all application server data at rest when stored off-line, this is a finding.

Vulnerability Number

V-204771

Documentable

False

Rule Version

SRG-APP-000231-AS-000156

Severity Override Guidance

Review the application server configuration to ensure the system is protecting the confidentiality and integrity of all application server data at rest when stored off-line.

If the application server is not configured to protect all application server data at rest when stored off-line, this is a finding.

Check Content Reference

M

Target Key

2900

Comments