STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide, Version: 5, Release: 1, Benchmark Date: 23 Oct 2020

The application must use cryptographic mechanisms to protect the integrity of audit information.

DISA Rule

SV-222507r508029_rule

Vulnerability Number

V-222507

Group Title

SRG-APP-000126

Rule Version

APSC-DV-001350

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the application to create an integrity check consisting of a cryptographic hash or one-way digest that can be used to establish the integrity when storing log files.

Check Contents

Review the system documentation and interview the application administrator for details regarding application architecture, audit methods, and provided audit tools.

Identify the location of the application audit information.

If the application is configured to utilize a centralized audit log solution that uses cryptographic methods that meet this requirement, such as creating cryptographic hash values or message digests that can be used to validate the integrity of audit files, the requirement is not applicable.

Ask the application administrator to demonstrate the cryptographic mechanisms used to protect the integrity of audit data.

Verify that, when application logs are stored on the file system, a process is used that creates an integrity check of the audit file being stored. This integrity check can be a checksum, message digest, or other one-way cryptographic hash of the audit file.

If an integrity check is not created to protect the integrity of the audit information, this is a finding.
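The fix recommendation and the check above both rest on a digest created when an audit file is stored and recomputed later. The following is an added example, not part of the STIG or of STIGQter: the function names, the `.sha256.json` sidecar naming, the choice of SHA-256 and the separate digest directory are assumptions, and the log lines are constructed.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def file_digest(path: Path, chunk_size: int = 65536) -> str:
    """Stream the file through SHA-256 so large audit logs need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def seal_log(log_path: Path, digest_dir: Path) -> Path:
    """Record the digest of a closed (rotated) audit file in a sidecar record."""
    digest_dir.mkdir(parents=True, exist_ok=True)
    record = {"file": log_path.name, "algorithm": "sha256", "digest": file_digest(log_path)}
    out = digest_dir / (log_path.name + ".sha256.json")
    out.write_text(json.dumps(record))
    return out


def verify_log(log_path: Path, digest_dir: Path) -> str:
    """Return 'ok', 'modified', 'missing-log' or 'missing-digest'."""
    record_path = digest_dir / (log_path.name + ".sha256.json")
    if not record_path.exists():
        return "missing-digest"   # no integrity check was ever created
    if not log_path.exists():
        return "missing-log"      # digest exists but the audit file is gone
    record = json.loads(record_path.read_text())
    return "ok" if hmac.compare_digest(record["digest"], file_digest(log_path)) else "modified"


def demo() -> list:
    """Check an unsealed file, seal it, verify it, then alter it and verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        log = Path(tmp) / "audit.log.1"      # constructed sample audit file
        digests = Path(tmp) / "digests"      # assumption: kept apart from the logs
        log.write_text("2020-10-23T10:00:00Z user=alice action=login result=success\n")
        results = [verify_log(log, digests)]
        seal_log(log, digests)
        results.append(verify_log(log, digests))
        log.write_text("2020-10-23T10:00:00Z user=mallory action=login result=success\n")
        results.append(verify_log(log, digests))
        return results
```

A digest only helps if the account that writes the logs cannot also rewrite the digest record, so the digest directory here stands in for a location with separate write permissions.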

Documentable

False

Severity Override Guidance

Review the system documentation and interview the application administrator for details regarding application architecture, audit methods, and provided audit tools.

Identify the location of the application audit information.

If the application is configured to utilize a centralized audit log solution that uses cryptographic methods that meet this requirement, such as creating cryptographic hash values or message digests that can be used to validate the integrity of audit files, the requirement is not applicable.

Ask the application administrator to demonstrate the cryptographic mechanisms used to protect the integrity of audit data.

Verify that, when application logs are stored on the file system, a process is used that creates an integrity check of the audit file being stored. This integrity check can be a checksum, message digest, or other one-way cryptographic hash of the audit file.

If an integrity check is not created to protect the integrity of the audit information, this is a finding.

Check Content Reference

M

Target Key

4093
