Documentation - V-222565

V-222565

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must employ strong authenticators in the establishment of non-local maintenance and diagnostic sessions.

Description

<VulnDiscussion>If maintenance tools are used by unauthorized personnel, they may accidentally or intentionally damage or compromise the system. The act of managing systems and applications includes the ability to access sensitive application information, such as, system configuration details, diagnostic information, user information, and potentially sensitive application data. Non-local maintenance and diagnostic activities are those activities conducted by individuals communicating through a ...

Fix Text (Documentation Requirement)

Configure the application to use strong authentication (CAC) when accessing the application for maintenance purposes.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel