V-222668
SV-222668r961863_rule
CAT II
The system must alert an administrator when low resource conditions are encountered.
From: Application Security and Development Security Technical Implementation Guide (V6R4)
Description
<VulnDiscussion>In order to prevent DoS type attacks, applications should be monitored when resource conditions reach a predefined threshold. This could indicate the onset of a DoS attack or could be the precursor to an application outage.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Review the system documentation and interview the application and system administrators.
Examine the system to determine if an automated, continuous on-line monitoring and audit trail creation capability is present with the capability to immediately alert personnel of any unusual or inappropriate activity with potential IA implications, and with a user configurable capability to automatically disable the system if serious IA violations are detected.
If this monitoring capability does not exist, this is a finding.
Fix Text
Implement mechanisms to alert system administrators about a low resource condition.
CCI Reference
CCI-001274- Created
- 2026-04-07 20:08:09
- Last Updated
- 2026-04-07 20:08:09