STIGQter: STIG Summary: Web Server Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 26 Apr 2019:

The web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

DISA Rule

SV-70239r2_rule

Vulnerability Number

V-55985

Group Title

SRG-APP-000516-WSR-000174

Rule Version

SRG-APP-000516-WSR-000174

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the web server to be configured according to DoD security configuration guidance.

Check Contents

Review the web server documentation and deployed configuration to determine if web server is configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance.

If the web server is not configured according to the guidance, this is a finding.

Vulnerability Number

V-55985

Documentable

False

Rule Version

SRG-APP-000516-WSR-000174

Severity Override Guidance

Review the web server documentation and deployed configuration to determine if web server is configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance.

If the web server is not configured according to the guidance, this is a finding.

Check Content Reference

M

Target Key

2557

Comments