STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server, when a MAC I system, must be in a high-availability (HA) cluster.

DISA Rule

SV-204814r508029_rule

Vulnerability Number

V-204814

Group Title

SRG-APP-000435

Rule Version

SRG-APP-000435-AS-000069

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

If the application server is not a MAC I system, this requirement is NA.

Configure the application server to be part of an HA cluster.

Check Contents

If the application server is not a MAC I system, this requirement is NA.

Review the application server documentation and configuration to determine if the application server is part of an HA cluster.

If the application server is not part of an HA cluster, this is a finding.

Vulnerability Number

V-204814

Documentable

False

Rule Version

SRG-APP-000435-AS-000069

Severity Override Guidance

If the application server is not a MAC I system, this requirement is NA.

Review the application server documentation and configuration to determine if the application server is part of an HA cluster.

If the application server is not part of an HA cluster, this is a finding.

Check Content Reference

M

Target Key

2900

Comments