The Test Manager will ensure test procedures are created and at least annually executed to ensure system initialization, shutdown, and aborts are configured to ensure the system remains in a secure state.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-16827 | APP5060 | SV-17827r1_rule | DCSS-2 | Medium |
| Description |
|---|
| Secure state assurance cannot be accomplished without testing the system state at least annually to ensure the system remains in a secure state upon intialization, shutdown and abort. |
| STIG | Date |
|---|---|
| Application Security and Development Checklist | 2014-12-22 |
Details
| Check Text ( C-17826r1_chk ) |
|---|
| Ask the application representative to provide tests plans, procedures and results to ensure system initialization, shutdown, and aborts keep the system in a secure state. If the application is a COTS/GOTS product or is composed of only COTS/GOTS products with no custom code, this check does not apply unless the application is being reviewed by or in conjunction with the COTS/GOTS vendor in which case this check is applicable. 1) If test plans, procedures, and results do not exist ,or at least executed annually, it is a finding. |
| Fix Text (F-17144r1_fix) |
|---|
| Correct errors in initialization, shutdown, and aborts leaving the system in an unsecure state. |