Documentation - V-222476

V-222476

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must produce audit records that contain information to establish the outcome of the events.

Description

<VulnDiscussion>Without information about the outcome of events, security personnel cannot make an accurate assessment as to whether an attack was successful or if changes were made to the security state of the system. Event outcomes can include indicators of event success or failure and event-specific results (e.g., the security state of the information system after the event occurred). As such, they also provide a means to measure the impact of an event and help authorized personnel to determ...

Fix Text (Documentation Requirement)

Configure the application to include the outcome of application functions or events.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel