UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IAO will ensure unnecessary services are disabled or removed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-6151 APP6030 SV-6151r1_rule DCSD-1 Medium
Description
Unnecessary services and software increases the security risk by increasing the potential attack surface of the application.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-3056r1_chk )
Examine the configuration of the servers. Determine what software is installed on the servers. Determine which services are needed for the application by examining the application design and accreditation documentation and interviewing the application representative. For example, in cases where two web servers (IIS and Apache) are installed, and only one is being used.

1) If there are services or software present not needed for the application, it is a finding.
Fix Text (F-4455r1_fix)
Remove unnecessary services or software.