Documentation - V-204736

V-204736

Application Server Security Requirements Guide

CAT II

Title

The application server must protect log tools from unauthorized modification.

Description

<VulnDiscussion>Protecting log data also includes identifying and protecting the tools used to view and manipulate log data. Depending upon the log format and application, system and application log tools may provide the only means to manipulate and manage application and system log data. It is, therefore, imperative that access to log tools be controlled and protected from unauthorized modification. If an attacker were to modify log tools, he could also manipulate logs to hide evidence of m...

Fix Text (Documentation Requirement)

Configure the application server or the OS to protect log tools from unauthorized modification.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel