UCF STIG Viewer Logo

In the event of a system failure, applications must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.


Overview

Finding ID Version Rule ID IA Controls Severity
V-70223 APSC-DV-002320 SV-84845r1_rule Medium
Description
Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving application state information helps to facilitate application restart and return to the operational mode of the organization with less disruption to mission-essential processes.
STIG Date
Application Security and Development Security Technical Implementation Guide 2018-04-03

Details

Check Text ( C-70699r1_chk )
Review application documentation, interview application administrator to identify how the application logs error events.

The application operational requirements documentation should provide the specific information that must be preserved in order to return the application back into operation as quickly and efficiently as possible. The application administrator will need to identify and provide the information based upon operational requirements documents.

Application diagnostic information should be kept in logs for evaluation and investigation into root cause.

If documentation is provided stating that no particular information needs to be retained in order to expediently bring the application back online, this is not a finding.

If the application does not log the data required to determine root cause of application failure, or if information specified as required in order to expediently bring the application back online is not retained, this is a finding.
Fix Text (F-76459r1_fix)
Create operational configuration documentation that identifies information needed for the application to return back into service or specify no such data is required, and retain data required to determine root cause of application failures.