Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-70415 | APSC-DV-003330 | SV-85037r2_rule | Medium |
Description |
---|
In order to prevent DoS type attacks, applications should be monitored when resource conditions reach a predefined threshold. This could indicate the onset of a DoS attack or could be the precursor to an application outage. |
STIG | Date |
---|---|
Application Security and Development Security Technical Implementation Guide | 2020-06-12 |
Check Text ( C-70869r1_chk ) |
---|
Review the system documentation and interview the application and system administrators. Examine the system to determine if an automated, continuous on-line monitoring and audit trail creation capability is present with the capability to immediately alert personnel of any unusual or inappropriate activity with potential IA implications, and with a user configurable capability to automatically disable the system if serious IA violations are detected. If this monitoring capability does not exist, this is a finding. |
Fix Text (F-76651r1_fix) |
---|
Implement mechanisms to alert system administrators about a low resource condition. |