UCF STIG Viewer Logo

The application server must use cryptographic mechanisms to protect the integrity of log information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35217 SRG-APP-000126-AS-000085 SV-46504r3_rule Medium
Description
Protection of log records is of critical importance. Encrypting log records provides a level of protection that does not rely on host-based protections that can be accidentally misconfigured, such as file system permissions. Cryptographic mechanisms are the industry-established standard used to protect the integrity of log data. An example of a cryptographic mechanism is the computation and application of a cryptographic-signed hash using asymmetric cryptography.
STIG Date
Application Server Security Requirements Guide 2015-08-28

Details

Check Text ( C-43589r2_chk )
Review the application server documentation and configuration to determine if the application server can protect log data using cryptographic means.

If the application server is not configured to encrypt and sign logs, this is a finding.
Fix Text (F-39763r2_fix)
Configure the application server to encrypt and sign logs.