The ALG must prompt the user for action prior to executing mobile code.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000396-ALG-000112	SRG-NET-000396-ALG-000112	SRG-NET-000396-ALG-000112_rule		Medium

Description
Mobile code can cause damage to the system. It can execute without explicit action from, or notification to, a user. Actions enforced before executing mobile code include, for example, scanning mobile code. Usage restrictions and implementation guidance apply to both the selection and use of mobile code installed, downloaded, or executed on all endpoints (e.g., servers, workstations, and smart phones).This requirement applies to network elements that have the ability to identify mobile code.

Description

Mobile code can cause damage to the system. It can execute without explicit action from, or notification to, a user. Actions enforced before executing mobile code include, for example, scanning mobile code. Usage restrictions and implementation guidance apply to both the selection and use of mobile code installed, downloaded, or executed on all endpoints (e.g., servers, workstations, and smart phones).This requirement applies to network elements that have the ability to identify mobile code.

STIG	Date
Application Layer Gateway Security Requirements Guide	2014-06-27

Details

Check Text ( C-SRG-NET-000396-ALG-000112_chk )
If the ALG does not perform content filtering as part of the traffic management functions, this is not a finding. Verify the ALG prompts the user for action prior to executing mobile code. If the ALG does not prompt the user for action prior to executing mobile code, this is a finding.

Fix Text (F-SRG-NET-000396-ALG-000112_fix)
Configure the ALG to prompt the user for action prior to executing mobile code.