Documentation - V-204727

V-204727

Application Server Security Requirements Guide

CAT II

Title

The application server must generate log records containing the full-text recording of privileged commands or the individual identities of group account users.

Description

<VulnDiscussion>Privileged commands are commands that change the configuration or data of the application server. Since this type of command changes the application server configuration and could possibly change the security posture of the application server, these commands need to be logged to show the full-text of the command executed. Without the full-text, reconstruction of harmful events or forensic analysis is not possible. Organizations can consider limiting the additional log informat...

Fix Text (Documentation Requirement)

Configure the application server to generate the full-text recording of privileged commands or the individual identities of group users, or both.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel