UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The application must reject or delay, as defined by the organization, network traffic generated above configurable traffic volume thresholds.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32380 SRG-APP-000106-DB-NA SV-42717r1_rule Medium
Description
It is critical when a system is at risk of failing to process audit logs as required; actions are automatically taken to mitigate the failure or risk of failure. One method used to thwart the auditing system is for an attacker to attempt to overwhelm the auditing system with large amounts of irrelevant data. The end result being audit logs that are either overwritten and activity thereby erased or disk space that is exhausted and any future activity is no longer logged. In many system configurations, the disk space allocated to the auditing system is separate from the disks allocated for the operating system; therefore, this may not result in a system outage. This requirement is specific to applications and network devices that restrict network traffic. This requirement is NA for databases.
STIG Date
Database Security Requirements Guide 2012-07-02

Details

Check Text ( C-40822r1_chk )
This check is NA for databases.
Fix Text (F-36295r1_fix)
This fix is NA for databases.