STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Apr 2017:

The CA API Gateway must prohibit the use of cached authenticators after an organization-defined time period.

DISA Rule

SV-86059r1_rule

Vulnerability Number

V-71435

Group Title

SRG-NET-000344-ALG-000098

Rule Version

CAGW-GW-000630

Severity

CAT II

CCI(s)

• CCI-002007 - The information system prohibits the use of cached authenticators after an organization-defined time period.

Weight

10

Fix Recommendation

Open the CA API Gateway - Policy Manager and select the "Identity Provider" tab.

Update the "Cache Size" and "Cache Maximum Age" in accordance with organization-defined requirements.

Check Contents

Open the CA API Gateway - Policy Manager and select the "Identity Provider" tab.

Verify the "Cache Size" and "Cache Maximum Age" are set in accordance with organization-defined requirements.

If the values are not set or are not set in accordance with organizational requirements, this is a finding.

Vulnerability Number

V-71435

Documentable

False

Rule Version

CAGW-GW-000630

Severity Override Guidance

Open the CA API Gateway - Policy Manager and select the "Identity Provider" tab.

Verify the "Cache Size" and "Cache Maximum Age" are set in accordance with organization-defined requirements.

If the values are not set or are not set in accordance with organizational requirements, this is a finding.

Check Content Reference

M

Target Key

3049

Comments