STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:

The ALG that is part of a CDS must prohibit the transfer of unsanctioned information in accordance with the security policy when transferring information between different security domains.

DISA Rule

SV-68723r1_rule

Vulnerability Number

V-54477

Group Title

SRG-NET-000285-ALG-000074

Rule Version

SRG-NET-000285-ALG-000074

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.
CCI-001374 - The information system, when transferring information between different security domains, prohibits the transfer of organization-defined unsanctioned information in accordance with the organization-defined security policy.

Weight

Fix Recommendation

If the ALG is part of a CDS, configure the ALG to prohibit the transfer of unsanctioned information in accordance with the security policy when transferring information between different security domains.

Check Contents

If the ALG is not part of a CDS, this is not applicable.

Verify the ALG prohibits the transfer of unsanctioned information in accordance with the security policy when transferring information between different security domains.

If the ALG is not configured to prohibit the transfer of unsanctioned information in accordance with the security policy when transferring information between different security domains, this is a finding.

The ALG that is part of a CDS must prohibit the transfer of unsanctioned information in accordance with the security policy when transferring information between different security domains.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments