STIGQter STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Apr 2017: The CA API Gateway providing user access control intermediary services must display the Standard Mandatory DoD-approved Notice and Consent Banner before granting access to the network.

DISA Rule

SV-85913r1_rule

Vulnerability Number

V-71289

Group Title

SRG-NET-000041-ALG-000022

Rule Version

CAGW-GW-000130

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Open the CA API GW - Policy Manager and create a Registered Service that includes a "Return Template Response" Assertion displaying the Standard Mandatory DoD-approved Notice and Consent Banner.

For more details, refer to the “CA API Management Documentation Wiki" at https://wiki.ca.com/display/GATEWAY90/CA+API+Gateway+Home.

Check Contents

Open the CA API GW - Policy Manager and verify that a Registered Service is present for displaying the Standard Mandatory DoD-approved Notice and Consent Banner.

If the Registered Service is not present, this is a finding.

Vulnerability Number

V-71289

Documentable

False

Rule Version

CAGW-GW-000130

Severity Override Guidance

Open the CA API GW - Policy Manager and verify that a Registered Service is present for displaying the Standard Mandatory DoD-approved Notice and Consent Banner.

If the Registered Service is not present, this is a finding.

Check Content Reference

M

Target Key

3049

Comments