Check: APSC-DV-003330
Application Security and Development STIG: APSC-DV-003330 (in versions v5 r3 through v4 r2)
Title
The system must alert an administrator when low resource conditions are encountered. (Cat II impact)
Discussion
In order to prevent DoS-type attacks, applications should be monitored when resource conditions reach a predefined threshold. This could indicate the onset of a DoS attack or could be the precursor to an application outage.
Check Content
Review the system documentation and interview the application and system administrators. Examine the system to determine if an automated, continuous on-line monitoring and audit trail creation capability is present with the capability to immediately alert personnel of any unusual or inappropriate activity with potential IA implications, and with a user configurable capability to automatically disable the system if serious IA violations are detected. If this monitoring capability does not exist, this is a finding.
Fix Text
Implement mechanisms to alert system administrators about a low resource condition.
Additional Identifiers
Rule ID: SV-222668r879887_rule
Vulnerability ID: V-222668
Group Title: SRG-APP-000516
CCIs
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
CCI-001274 | The organization employs automated mechanisms to alert security personnel of organization-defined inappropriate or unusual activities with security implications. |