The ALG providing application content monitoring and control as part of its intermediary services must utilize organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000318-ALG-000014	SRG-NET-000318-ALG-000014	SRG-NET-000318-ALG-000014_rule		Medium

Description
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example, limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organization personnel when atypical database queries or accesses occur. This requirement applies to ALGs and content filtering devices that are capable of monitoring or relaying database or web queries.

Description

Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example, limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organization personnel when atypical database queries or accesses occur. This requirement applies to ALGs and content filtering devices that are capable of monitoring or relaying database or web queries.

STIG	Date
Application Layer Gateway Security Requirements Guide	2014-06-27

Details

Check Text ( C-SRG-NET-000318-ALG-000014_chk )
If the ALG does not provide application content monitoring and control as part of its intermediary services, this is not a finding. Verify the ALG utilizes organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining. If the ALG does not utilize organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining, this is a finding.

Check Text ( C-SRG-NET-000318-ALG-000014_chk )

If the ALG does not provide application content monitoring and control as part of its intermediary services, this is not a finding.

Verify the ALG utilizes organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.

If the ALG does not utilize organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining, this is a finding.

Fix Text (F-SRG-NET-000318-ALG-000014_fix)
Configure the ALG to utilize organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.