STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

DISA Rule

SV-204834r508029_rule

Vulnerability Number

V-204834

Group Title

SRG-APP-000516

Rule Version

SRG-APP-000516-AS-000237

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the application server to be in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

Check Contents

Review the application server documentation and configuration to determine if the application server is configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

If the application server is not configured in accordance with security configuration settings, this is a finding.

Vulnerability Number

V-204834

Documentable

False

Rule Version

SRG-APP-000516-AS-000237

Severity Override Guidance

Review the application server documentation and configuration to determine if the application server is configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

If the application server is not configured in accordance with security configuration settings, this is a finding.

Check Content Reference

M

Target Key

2900

Comments