STIGQter STIGQter: STIG Summary: Microsoft DotNet Framework 4.0 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

CAS and policy configuration files must be backed up.

DISA Rule

SV-225227r615940_rule

Vulnerability Number

V-225227

Group Title

SRG-APP-000120

Rule Version

APPNET0055

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

All CAS policy and policy configuration files must be included in the system backup.

All CAS policy and policy configuration files must be backed up prior to migration, deployment, and reconfiguration.

CAS policy configuration files must be included in disaster recovery plan documentation.

Check Contents

Ask the System Administrator if all CAS policy and policy configuration files are included in the system backup. If they are not, this is a finding.

Ask the System Administrator if the policy and configuration files are backed up prior to migration, deployment, and reconfiguration. If they are not, this is a finding.

Ask the System Administrator for documentation that shows CAS Policy configuration files are backed up as part of a disaster recovery plan. If they have no documentation proving the files are backed up, this is a finding.

Vulnerability Number

V-225227

Documentable

False

Rule Version

APPNET0055

Severity Override Guidance

Ask the System Administrator if all CAS policy and policy configuration files are included in the system backup. If they are not, this is a finding.

Ask the System Administrator if the policy and configuration files are backed up prior to migration, deployment, and reconfiguration. If they are not, this is a finding.

Ask the System Administrator for documentation that shows CAS Policy configuration files are backed up as part of a disaster recovery plan. If they have no documentation proving the files are backed up, this is a finding.

Check Content Reference

M

Target Key

4213

Comments