STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:

The ALG must prohibit the use of cached authenticators after an organization-defined time period.

DISA Rule

SV-68773r1_rule

Vulnerability Number

V-54527

Group Title

SRG-NET-000344-ALG-000098

Rule Version

SRG-NET-000344-ALG-000098

Severity

CAT II

CCI(s)

• CCI-002007 - The information system prohibits the use of cached authenticators after an organization-defined time period.

Weight

10

Fix Recommendation

Configure the ALG to prohibit the use of cached authenticators after an organization-defined time period.

Check Contents

Verify the ALG prohibits the use of cached authenticators after an organization-defined time period.

If the ALG does not prohibit the use of cached authenticators after an organization-defined time period, this is a finding.

Vulnerability Number

V-54527

Documentable

False

Rule Version

SRG-NET-000344-ALG-000098

Severity Override Guidance

Verify the ALG prohibits the use of cached authenticators after an organization-defined time period.

If the ALG does not prohibit the use of cached authenticators after an organization-defined time period, this is a finding.

Check Content Reference

M

Target Key

2489

Comments