UCF STIG Viewer Logo

Applications performing extrusion detection must be capable of denying network traffic and auditing internal users (or malicious code) posing a threat to external information systems.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35674 SRG-APP-000259-AS-NA SV-46961r1_rule Medium
Description
Detecting internal actions that may pose a security threat to external information systems is sometimes termed extrusion detection. Extrusion detection at the information system boundary includes the analysis of network traffic (incoming as well as, outgoing) looking for indications of an internal threat to the security of external systems. The requirement is NA. App servers are not extrusion detection devices.
STIG Date
Application Server Security Requirements Guide 2013-01-08

Details

Check Text ( C-44016r1_chk )
This requirement is NA for the AS SRG.
Fix Text (F-40216r1_fix)
The requirement is NA. No fix is required.