Documentation - V-206379

V-206379

Web Server Security Requirements Guide

CAT II

Title

The web server must provide install options to exclude installation of utility programs, services, plug-ins, and modules not necessary for operation.

Description

<VulnDiscussion>Just as running unneeded services and protocols is a danger to the web server at the lower levels of the OSI model, running unneeded utilities and programs is also a danger at the application layer of the OSI model. Office suites, development tools, and graphical editors are examples of such programs that are troublesome. Individual productivity tools have no legitimate place or use on an enterprise, production web server and they are also prone to their own security risks. The...

Fix Text (Documentation Requirement)

Use the web server uninstall facility or manually remove any utility programs, services, or modules not needed by the web server for operation.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel