Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-16839 | APP6080 | SV-17839r1_rule | DCSQ-1 | Medium |
Description |
---|
Known threats documented in the threat model should be mitigated, to prevent DoS type attacks. |
STIG | Date |
---|---|
Application Security and Development Checklist | 2014-12-22 |
Check Text ( C-17845r1_chk ) |
---|
Ask the application representative to review the threat model for DoS attacks. Verify the mitigation for DoS attacks are implemented from the threat model. If the application is a COTS/GOTS product or is composed of only COTS/GOTS products with no custom code, this check does not apply unless the application is being reviewed by or in conjunction with the COTS/GOTS vendor in which case this check is applicable. 1) If the mitigation from the threat model for DoS attacks are not implemented, it is a finding. |
Fix Text (F-17159r1_fix) |
---|
Implement mitigations from the threat model for DOS attacks. |