SV-85911r1_rule
V-71287
SRG-NET-000019-ALG-000018
CAGW-GW-000120
CAT II
10
Open the CA API Gateway - Policy Manager.
Double-click all Registered Services required to restrict or block harmful or suspicious traffic.
Add /update the policy with the appropriate Assertions and include the proper logic and flow based on the information derived from parsing the attributes of a message request to the API in accordance with organizational requirements.
The policy should be configured to do comparisons and provide logical groupings of assertions using the "At least one..." and "All..." assertions so multiple checks can be performed on various attributes to control access to resources.
Open the CA API Gateway - Policy Manager.
Double-click all Registered Services required to restrict or block harmful or suspicious traffic.
Verify the policies include the proper logic and flow based on the information derived from parsing the attributes of the message request.
The policy should be configured to do comparisons and provide logical groupings of assertions using the "At least one..." and "All..." assertions so multiple checks can be performed on various attributes to control access to resources.
If it has not, this is a finding.
V-71287
False
CAGW-GW-000120
Open the CA API Gateway - Policy Manager.
Double-click all Registered Services required to restrict or block harmful or suspicious traffic.
Verify the policies include the proper logic and flow based on the information derived from parsing the attributes of the message request.
The policy should be configured to do comparisons and provide logical groupings of assertions using the "At least one..." and "All..." assertions so multiple checks can be performed on various attributes to control access to resources.
If it has not, this is a finding.
M
3049