Applications upon successful logon, must display to the user the date and time of the last logon (access).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-26879	SRG-APP-000075	SV-34159r1_rule		Medium

Description
Users need to be aware of activity that occurs regarding their application account. Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. This requirement is intended to cover both traditional interactive logons to information systems and general accesses to information systems that occur in other types of architectural configurations (e.g., service oriented architectures).

Description

Users need to be aware of activity that occurs regarding their application account. Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. This requirement is intended to cover both traditional interactive logons to information systems and general accesses to information systems that occur in other types of architectural configurations (e.g., service oriented architectures).

STIG	Date
Application Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None