UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The ALG that is part of a CDS must block the transfer of data with malformed security attribute metadata structures.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000280-ALG-000081 SRG-NET-000280-ALG-000081 SRG-NET-000280-ALG-000081_rule Medium
Description
Enforcing allowed information flows based on metadata enables simpler and more effective flow control. Metadata is information used to describe the characteristics of data. Metadata can include structural metadata describing data structures (e.g., data format, syntax, and semantics) or descriptive metadata describing data contents (e.g., age, location, telephone number). For cross domain solutions, security attributes are defined as, at a minimum, source and destination address.
STIG Date
Application Layer Gateway Security Requirements Guide 2014-06-27

Details

Check Text ( C-SRG-NET-000280-ALG-000081_chk )
If the ALG is not part of a CDS, this is not a finding.

Verify the ALG is configured to block the transfer of data with malformed security attribute metadata structures.

If the ALG is not configured to block the transfer of data with malformed security attribute metadata structures, this is a finding.
Fix Text (F-SRG-NET-000280-ALG-000081_fix)
Configure the ALG to block the transfer of data with malformed security attribute metadata structures.