Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server management interface, upon successful logon, must display to the user the date and time of the last logon (access).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35121 | SRG-APP-000075-AS-000040 | SV-46408r1_rule | Low |
| Description |
|---|
| Users need to be aware of activity that occurs regarding their application server account. Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. This requirement is intended to cover traditional interactive logons to information systems. Services-oriented applications with no user interface are excluded. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43508r1_chk ) |
|---|
| Review AS product documentation and configuration to determine if users are informed of the date and time of the last logon. If users are not informed of this information, this is a finding. |
| Fix Text (F-39672r1_fix) |
|---|
| Configure the AS to display, upon logon, the date and time of the last logon. |