Documentation - V-206370

V-206370

Web Server Security Requirements Guide

CAT II

Title

The log information from the web server must be protected from unauthorized deletion.

Description

<VulnDiscussion>Log data is essential in the investigation of events. The accuracy of the information is always pertinent. Information that is not accurate does not help in the revealing of potential security risks and may hinder the early discovery of a system compromise. One of the first steps an attacker will undertake is the modification or deletion of audit records to cover his tracks and prolong discovery. The web server must protect the log data from unauthorized deletion. This can be do...

Fix Text (Documentation Requirement)

Configure the web server log files so unauthorized deletion of log information is not possible.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel