Documentation - V-206351

V-206351

Web Server Security Requirements Guide

CAT II

Title

The web server must perform server-side session management.

Description

<VulnDiscussion>Session management is the practice of protecting the bulk of the user authorization and identity information. Storing of this data can occur on the client system or on the server. When the session information is stored on the client, the session ID, along with the user authorization and identity information, is sent along with each client request and is stored in either a cookie, embedded in the uniform resource locator (URL), or placed in a hidden field on the displayed form. ...

Fix Text (Documentation Requirement)

Configure the web server to perform server-side session management.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel