Documentation - V-204828

V-204828

Application Server Security Requirements Guide

CAT II

Title

The application must generate log records showing starting and ending times for user access to the application server management interface.

Description

<VulnDiscussion>Determining when a user has accessed the management interface is important to determine the timeline of events when a security incident occurs. Generating these events, especially if the management interface is accessed via a stateless protocol like HTTP, the log events will be generated when the user performs a logon (start) and when the user performs a logoff (end). Without these events, the user and later investigators cannot determine the sequence of events and therefore ca...

Fix Text (Documentation Requirement)

Configure the application server to generate log records showing starting and ending times of user access to the management interface.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel