Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Applications performing extrusion detection must be capable of denying network traffic and auditing internal users (or malicious code) posing a threat to external information systems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35674 | SRG-APP-000259-AS-NA | SV-46961r1_rule | Medium |
| Description |
|---|
| Detecting internal actions that may pose a security threat to external information systems is sometimes termed extrusion detection. Extrusion detection at the information system boundary includes the analysis of network traffic (incoming as well as, outgoing) looking for indications of an internal threat to the security of external systems. The requirement is NA. App servers are not extrusion detection devices. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-44016r1_chk ) |
|---|
| This requirement is NA for the AS SRG. |
| Fix Text (F-40216r1_fix) |
|---|
| The requirement is NA. No fix is required. |