Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000319-ALG-000015 | SRG-NET-000319-ALG-000015 | SRG-NET-000319-ALG-000015_rule | Medium |
Description |
---|
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example, limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organization personnel when atypical database queries or accesses occur. This requirement applies to ALGs and content filtering devices that are capable of monitoring or relaying database or web queries. |
STIG | Date |
---|---|
Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Check Text ( C-SRG-NET-000319-ALG-000015_chk ) |
---|
If the ALG does not provide application content monitoring and control as part of its intermediary services, this is not a finding. Verify the ALG utilizes organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts. If the ALG does not utilize organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts, this is a finding. |
Fix Text (F-SRG-NET-000319-ALG-000015_fix) |
---|
Configure the ALG to utilize organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts. |