Documentation - V-222486

V-222486

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must shut down by default upon audit failure (unless availability is an overriding concern).

Description

<VulnDiscussion>It is critical that when the application is at risk of failing to process audit logs as required, it take action to mitigate the failure. Audit processing failures include: software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode. When availability is an overriding concern, other approved actions in response to an audit failure are as follows: ...

Fix Text (Documentation Requirement)

Configure the application to cease processing if the audit system fails or configure the application to continue logging in a manner that compensates for the audit failure.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel