Documentation - V-222387

V-222387

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must provide a capability to limit the number of logon sessions per user.

Description

<VulnDiscussion>Application management includes the ability to control the number of users and user sessions that utilize an application. Limiting the number of allowed users and sessions per user is helpful in limiting risks related to DoS attacks. This requirement may be met via the application or by utilizing information system session control provided by a web server or other underlying solution that provides specialized session management capabilities. If it has been specified that this r...

Fix Text (Documentation Requirement)

Design and configure the application to specify the number of logon sessions that are allowed per user.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel