Documentation - V-204818

V-204818

Application Server Security Requirements Guide

CAT II

Title

The application server must employ approved cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission.

Description

<VulnDiscussion>Preventing the disclosure or modification of transmitted information requires that application servers take measures to employ approved cryptography to protect the information during transmission over the network. This is usually achieved through the use of Transport Layer Security (TLS), SSL VPN, or IPSec tunnel. If data in transit is unencrypted, it is vulnerable to disclosure and modification. If approved cryptographic algorithms are not used, encryption strength cannot be as...

Fix Text (Documentation Requirement)

Configure the application server to use approved cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel