STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:

The application must provide audit record generation capability for connecting system IP addresses.

DISA Rule

SV-222448r508029_rule

Vulnerability Number

V-222448

Group Title

SRG-APP-000089

Rule Version

APSC-DV-000690

Severity

CAT II

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

10

Fix Recommendation

Configure the application or application server to log all connecting IP address information

Check Contents

Review the application documentation and interview the application administrator to identify where audit logs are stored.

Review audit logs and determine if the IP address information of systems that connect to the application is kept in the logs.

If connecting IP addresses are not seen in the logs, connect to the application remotely and review the logs to determine if the connection was logged.

If the IP addresses of the systems that connect to the application are not recorded in the logs, this is a finding.

Vulnerability Number

V-222448

Documentable

False

Rule Version

APSC-DV-000690

Severity Override Guidance

Review the application documentation and interview the application administrator to identify where audit logs are stored.

Review audit logs and determine if the IP address information of systems that connect to the application is kept in the logs.

If connecting IP addresses are not seen in the logs, connect to the application remotely and review the logs to determine if the connection was logged.

If the IP addresses of the systems that connect to the application are not recorded in the logs, this is a finding.

Check Content Reference

M

Target Key

4093

Comments