STIGQter STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:

The application must utilize organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.

DISA Rule

SV-222424r508029_rule

Vulnerability Number

V-222424

Group Title

SRG-APP-000324

Rule Version

APSC-DV-000450

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Utilize and implement data mining protections when requirements specify it.

Check Contents

Review the security plan, application and system documentation and interview the application administrator to identify data mining protections that are required of the application.

If there are no data mining protections required, this requirement is not applicable.

Review the application authentication requirements and permissions.

Review documented protections that have been established to protect from data mining.

This can include limiting the number of queries allowed.

Automated alarming on atypical query events.

Limiting the number of records allowed to be returned in a query.

Not allowing data dumps.

If the application requirements specify protections for data mining and the application administrator is unable to identify or demonstrate that the protections are in place, this is a finding.

Vulnerability Number

V-222424

Documentable

False

Rule Version

APSC-DV-000450

Severity Override Guidance

Review the security plan, application and system documentation and interview the application administrator to identify data mining protections that are required of the application.

If there are no data mining protections required, this requirement is not applicable.

Review the application authentication requirements and permissions.

Review documented protections that have been established to protect from data mining.

This can include limiting the number of queries allowed.

Automated alarming on atypical query events.

Limiting the number of records allowed to be returned in a query.

Not allowing data dumps.

If the application requirements specify protections for data mining and the application administrator is unable to identify or demonstrate that the protections are in place, this is a finding.

Check Content Reference

M

Target Key

4093

Comments