STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:

The ALG must invalidate session identifiers upon user logout or other session termination.

DISA Rule

SV-68863r1_rule

Vulnerability Number

V-54617

Group Title

SRG-NET-000231-ALG-000114

Rule Version

SRG-NET-000231-ALG-000114

Severity

CAT II

CCI(s)

CCI-001185 - The information system invalidates session identifiers upon user logout or other session termination.

Weight

Fix Recommendation

Configure ALG to invalidate session identifiers upon user logout or other session termination.

Check Contents

Verify the ALG invalidates session identifiers upon user logout or other session termination.

If the ALG does not invalidate session identifiers upon user logout or other session termination, this is a finding.

Vulnerability Number

V-54617

Documentable

False

Rule Version

SRG-NET-000231-ALG-000114

Severity Override Guidance

Check Content Reference

Target Key

2489

The ALG must invalidate session identifiers upon user logout or other session termination.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments