STIGQter STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015: The ALG must enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies.

DISA Rule

SV-68621r1_rule

Vulnerability Number

V-54375

Group Title

SRG-NET-000015-ALG-000016

Rule Version

SRG-NET-000015-ALG-000016

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the ALG to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies.

Check Contents

Verify the ALG is configured to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies.

If the ALG is not configured to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies, this is a finding.

Vulnerability Number

V-54375

Documentable

False

Rule Version

SRG-NET-000015-ALG-000016

Severity Override Guidance

Verify the ALG is configured to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies.

If the ALG is not configured to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies, this is a finding.

Check Content Reference

M

Target Key

2489

Comments