Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The ALG that is part of a CDS, when transferring information between different security domains, must use organization-defined data type identifiers to validate data essential for information flow decisions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000324-ALG-000070 | SRG-NET-000324-ALG-000070 | SRG-NET-000324-ALG-000070_rule | Medium |
| Description |
|---|
| Information flow decisions based on invalid data may allow unintended and unauthorized data flows, and therefore risk the confidentiality of information. They may also result in the unauthorized release (spill) of information. Data type identifiers include, for example, file names, file types, file signatures/tokens, and multiple internal file signatures/tokens. Information systems may allow transfer of data only if compliant with data type format specifications. |
| STIG | Date |
|---|---|
| Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Details
| Check Text ( C-SRG-NET-000324-ALG-000070_chk ) |
|---|
| If the ALG is not part of a CDS, this is not a finding. Verify the ALG is configured to use organization-defined data type identifiers to validate data essential for information flow decisions. If the ALG is not configured to use organization-defined data type identifiers to validate data essential for information flow decisions, this is a finding. |
| Fix Text (F-SRG-NET-000324-ALG-000070_fix) |
|---|
| Configure the ALG to use organization-defined data type identifiers to validate data essential for information flow decisions. |