STIGQter STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:

The application must maintain a separate execution domain for each executing process.

DISA Rule

SV-222591r508029_rule

Vulnerability Number

V-222591

Group Title

SRG-APP-000431

Rule Version

APSC-DV-002370

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Design and configure applications to maintain a separate execution domain for each executing process.

Check Contents

Review the application documentation, the architecture documentation and interview the application administrator.

Identify if the application architecture provides the capability to sandbox executing processes so as to prevent a process in one application domain from sharing another application domain.

Ask the application administrator to demonstrate how the application processes are separated. This may be demonstrated by examining the OS processes running on the system and identifying the separate application processes.

If the application does not maintain a separate execution domain for each executing process, this is a finding.

Vulnerability Number

V-222591

Documentable

False

Rule Version

APSC-DV-002370

Severity Override Guidance

Review the application documentation, the architecture documentation and interview the application administrator.

Identify if the application architecture provides the capability to sandbox executing processes so as to prevent a process in one application domain from sharing another application domain.

Ask the application administrator to demonstrate how the application processes are separated. This may be demonstrated by examining the OS processes running on the system and identifying the separate application processes.

If the application does not maintain a separate execution domain for each executing process, this is a finding.

Check Content Reference

M

Target Key

4093

Comments