Web Policy STIG Version 1, Release 1 Checklist Details (Checklist Revisions)
Supporting Resources:
-
Download Standalone XCCDF 1.1.4 - Sunset - Web Policy STIG - Ver 1, Rel 1
- Defense Information Systems Agency
Target:
Target | CPE Name |
---|---|
Apache HTTP Server 1.3 | cpe:/a:apache:http_server:1.3 (View CVEs) |
Apache HTTP Server 2.0 | cpe:/a:apache:http_server:2.0 (View CVEs) |
Apache HTTP Server 2.2 | cpe:/a:apache:http_server:2.2 (View CVEs) |
Microsoft Internet Information Services | cpe:/a:microsoft:iis (View CVEs) |
Checklist Highlights
- Checklist Name:
- Web Policy STIG
- Checklist ID:
- 405
- Version:
- Version 1, Release 1
- Type:
- Compliance
- Review Status:
- Archived
- Authority:
- Governmental Authority: Defense Information Systems Agency
- Original Publication Date:
- 10/28/2011
Checklist Summary:
The web policy STIG should be used in conjunction with web server specific guidance (i.e. IIS, Apache, etc.) when performing a web server review. The web policy STIGs intent is to consider the non-computing aspects of web server security management.
Checklist Role:
- Web Server
Known Issues:
Not provided.
Target Audience:
This document is a requirement for all DoD-owned information systems and DoD-controlled information systems operated by a contractor and/or other entity on behalf of the DoD that receive, process, store, display, or transmit DoD information, regardless of classification and/or sensitivity. These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls.
Target Operational Environment:
- Managed
- Specialized Security-Limited Functionality (SSLF)
Testing Information:
Not provided.
Regulatory Compliance:
DoD Directive 8500.1
Comments/Warnings/Miscellaneous:
Not provided.
Disclaimer:
Not provided.
Product Support:
The application development group should refer to the supporting organization for the application, when application issues arise from meeting STIG requirements.
Point of Contact:
fso_spt@disa.mil
Sponsor:
Not provided.
Licensing:
Not provided.
Change History:
Updated URLs - 6/14/19 Sunset per DISA - 6/17/19 updated URLs - 9/11/19
Dependency/Requirements:
URL | Description |
---|
References:
Reference URL | Description |
---|