STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:SV-222615r508029_rule
V-222615
SRG-APP-000472
APSC-DV-002760
CAT II
10
Design the application to verify the correct operation of security functions.
Review the application documentation and interview the system administrator to determine if the application performs security function testing.
If the application is not designed or intended to perform security function testing, the requirement is not applicable.
Access the application design documents and determine if the application is designed to verify the correct operation of security functions.
Review application logs and take note of log entries that indicate security function testing is being performed and verified.
If the application is designed to perform security function testing and does not verify the correct operation of security functions, this is a finding.
V-222615
False
APSC-DV-002760
Review the application documentation and interview the system administrator to determine if the application performs security function testing.
If the application is not designed or intended to perform security function testing, the requirement is not applicable.
Access the application design documents and determine if the application is designed to verify the correct operation of security functions.
Review application logs and take note of log entries that indicate security function testing is being performed and verified.
If the application is designed to perform security function testing and does not verify the correct operation of security functions, this is a finding.
M
4093