An error occurred:

Check: SRG-APP-000092-AS-000053

Application Server SRG: SRG-APP-000092-AS-000053 (in versions v3 r4 through v2 r2)

Title

The application server must initiate session logging upon startup. (Cat II impact)

Discussion

Session logging activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, or regulations.

Check Content

Review the application server product documentation and server configuration to determine if the application server initiates session logging on application server startup. If the application server is not configured to meet this requirement, this is a finding.

Fix Text

Configure the application server to initiate session logging on application server startup.

Additional Identifiers

Rule ID: SV-204720r879562_rule

Vulnerability ID: V-204720

Group Title: SRG-APP-000092

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001464

The information system initiates session audits at system start-up.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-14 (1)

System Start-Up