Skip to content

The application server must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

An XCCDF Rule

Description

<VulnDiscussion>Fail-secure is a condition achieved by the application server in order to ensure that in the event of an operational failure, the system does not enter into an unsecure state where intended security properties no longer hold. Preserving information system state information also facilitates system restart and return to the operational mode of the organization with less disruption of mission-essential processes.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-204769r879640_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the application server to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.