Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The ALG must prompt the user for action prior to executing mobile code.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000396-ALG-000112 | SRG-NET-000396-ALG-000112 | SRG-NET-000396-ALG-000112_rule | Medium |
| Description |
|---|
| Mobile code can cause damage to the system. It can execute without explicit action from, or notification to, a user. Actions enforced before executing mobile code include, for example, scanning mobile code. Usage restrictions and implementation guidance apply to both the selection and use of mobile code installed, downloaded, or executed on all endpoints (e.g., servers, workstations, and smart phones).This requirement applies to network elements that have the ability to identify mobile code. |
| STIG | Date |
|---|---|
| Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Details
| Check Text ( C-SRG-NET-000396-ALG-000112_chk ) |
|---|
| If the ALG does not perform content filtering as part of the traffic management functions, this is not a finding. Verify the ALG prompts the user for action prior to executing mobile code. If the ALG does not prompt the user for action prior to executing mobile code, this is a finding. |
| Fix Text (F-SRG-NET-000396-ALG-000112_fix) |
|---|
| Configure the ALG to prompt the user for action prior to executing mobile code. |