UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The ALG providing application content monitoring and control as part of its intermediary services must utilize organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000319-ALG-000015 SRG-NET-000319-ALG-000015 SRG-NET-000319-ALG-000015_rule Medium
Description
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example, limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organization personnel when atypical database queries or accesses occur. This requirement applies to ALGs and content filtering devices that are capable of monitoring or relaying database or web queries.
STIG Date
Application Layer Gateway Security Requirements Guide 2014-06-27

Details

Check Text ( C-SRG-NET-000319-ALG-000015_chk )
If the ALG does not provide application content monitoring and control as part of its intermediary services, this is not a finding.

Verify the ALG utilizes organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.

If the ALG does not utilize organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts, this is a finding.
Fix Text (F-SRG-NET-000319-ALG-000015_fix)
Configure the ALG to utilize organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.