STIGQter: STIG Summary: Web Server Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 26 Apr 2019:

Remote access to the web server must follow access policy or work in conjunction with enterprise tools designed to enforce policy requirements.

DISA Rule

SV-70207r2_rule

Vulnerability Number

V-55953

Group Title

SRG-APP-000315-WSR-000003

Rule Version

SRG-APP-000315-WSR-000003

Severity

CAT II

CCI(s)

• CCI-002314 - The information system controls remote access methods.

Weight

10

Fix Recommendation

Configure the web server to enforce the remote access policy or to work with an enterprise tool designed to enforce the policy.

Check Contents

Review the web server product documentation and deployed configuration to determine if the server or an enterprise tool is enforcing the organization's requirements for remote connections.

If the web server is not configured to enforce these requirements and an enterprise tool is not in place, this is a finding.

Vulnerability Number

V-55953

Documentable

False

Rule Version

SRG-APP-000315-WSR-000003

Severity Override Guidance

Review the web server product documentation and deployed configuration to determine if the server or an enterprise tool is enforcing the organization's requirements for remote connections.

If the web server is not configured to enforce these requirements and an enterprise tool is not in place, this is a finding.

Check Content Reference

M

Target Key

2557

Comments