STIGQter STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 4 Release: 9 Benchmark Date: 25 Jan 2019: The application must not be hosted on a general purpose machine if the application is designated as critical or high availability by the ISSO.

DISA Rule

SV-84971r1_rule

Vulnerability Number

V-70349

Group Title

ASDV-PL-003040

Rule Version

APSC-DV-003040

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Deploy mission critical applications on servers that are not shared by other less critical applications.

Check Contents

Ask the application representative to review the servers where the application is deployed.

Ask what other applications are deployed on those servers.

Identify the criticality of the applications installed on the system.

If a mission critical application is deployed onto the same server as non-mission critical applications, this is a finding.

Vulnerability Number

V-70349

Documentable

False

Rule Version

APSC-DV-003040

Severity Override Guidance

Ask the application representative to review the servers where the application is deployed.

Ask what other applications are deployed on those servers.

Identify the criticality of the applications installed on the system.

If a mission critical application is deployed onto the same server as non-mission critical applications, this is a finding.

Check Content Reference

M

Target Key

3009

Comments