UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The application server must provide the capability for authorized users to capture, record, and log all content related to a user session.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35150 SRG-APP-000093-AS-000054 SV-46437r3_rule Medium
Description
The application server must be capable of enabling a setting for troubleshooting or debugging purposes which will log all user session information specified by an authorized user.
STIG Date
Application Server Security Requirements Guide 2018-01-08

Details

Check Text ( C-43536r2_chk )
Review the application server documentation to determine if the application server can be configured to capture/record and log all content related to a user session.

If the application server does not have the capability to allow an authorized user to capture, record, and log all content related to a user session, this is a finding.
Fix Text (F-39700r2_fix)
Configure the application server to provide the capability for authorized users to capture, record, and log all content related to a user session.