UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The designer will ensure the application installs with unnecessary functionality disabled by default.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16786 APP3110 SV-17786r1_rule DCSD-1 Medium
Description
If functionality is enabled that is not required for operation of the application, this functionality may be exploited without knowledge because the functionality is not required by anyone.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-17771r1_chk )
Ask the application representative to review the installation guide to determine what functionality is installed and enabled by default on installation of the application.

Examples may include the following:
Functions that send information back to the vendor.
E-mail functions enabled when not required for functionality.

1) If the application installs with functionality which is unnecessary and enabled by default, it is a finding.
Fix Text (F-16993r1_fix)
Remove or disable unnecessary functionality.