Documentation - V-222415

V-222415

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must automatically audit account disabling actions.

Description

<VulnDiscussion>When application accounts are disabled, user accessibility is affected. Accounts are utilized for identifying individual application users or for identifying the application processes themselves. In order to detect and respond to events affecting user accessibility and application processing, applications must audit account disabling actions and, as required, notify the appropriate individuals, so they can investigate the event. Such a capability greatly reduces the risk that app...

Fix Text (Documentation Requirement)

Configure the application to write a log entry when a user account is disabled. At a minimum, ensure account name, date and time of the event are recorded.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel