Configuration management applications must employ automated mechanisms to centrally verify configuration settings.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35584	SRG-APP-000137-AS-NA	SV-46871r1_rule		Medium

Description
Configuration settings are the configurable security-related parameters of information technology products that are part of the information system. Rather than visiting each and every system when making configuration changes, organizations will employ automated tools that can make changes across all systems. This greatly increases efficiency and manageability of systems and applications in a large scale environment. "Centrally verify" means to verify settings have taken effect from a centralized location. The AS is not a configuration management application. This requirement does not apply.

Description

Configuration settings are the configurable security-related parameters of information technology products that are part of the information system. Rather than visiting each and every system when making configuration changes, organizations will employ automated tools that can make changes across all systems. This greatly increases efficiency and manageability of systems and applications in a large scale environment. "Centrally verify" means to verify settings have taken effect from a centralized location. The AS is not a configuration management application. This requirement does not apply.

STIG	Date
Application Server Security Requirements Guide	2013-01-08

Details

Check Text ( C-43926r1_chk )
This requirement is NA for the AS SRG.

Fix Text (F-40125r1_fix)
The requirement is NA. No fix is required.