STIGQter: STIG Summary: Apache Server 2.4 UNIX Site Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Apache web server must augment re-creation to a stable and known baseline.

DISA Rule

SV-214289r612241_rule

Vulnerability Number

V-214289

Group Title

SRG-APP-000225-WSR-000074

Rule Version

AS24-U2-000540

Severity

CAT II

CCI(s)

• CCI-001190 - The information system fails to an organization-defined known-state for organization-defined types of failures.

Weight

10

Fix Recommendation

Prepare documentation for disaster recovery methods for the Apache web server in the event of the necessity for rollback.

Document and test the disaster recovery methods designed.

Check Contents

Interview the System Administrator for the Apache web server.

Ask for documentation on the disaster recovery methods tested and planned for the Apache web server in the event of the necessity for rollback.

If documentation for a disaster recovery has not been established, this is a finding.

Vulnerability Number

V-214289

Documentable

False

Rule Version

AS24-U2-000540

Severity Override Guidance

Interview the System Administrator for the Apache web server.

Ask for documentation on the disaster recovery methods tested and planned for the Apache web server in the event of the necessity for rollback.

If documentation for a disaster recovery has not been established, this is a finding.

Check Content Reference

M

Target Key

3997

Comments