← Back to Central Log Server Security Requirements Guide

V-221906

CAT III (Low)

The Central Log Server must retain the Standard Mandatory DoD Notice and Consent Banner on the screen until users acknowledge the usage conditions and take explicit actions to log on for further access.

Rule ID

SV-221906r960846_rule

STIG

Central Log Server Security Requirements Guide

Version

V3R4

CCIs

CCI-000050

Discussion

The banner must be acknowledged by the user prior to allowing the user access to the application. This provides assurance that the user has seen the message and accepted the conditions for access. If the consent banner is not acknowledged by the user, DoD will not be in compliance with system use notifications required by law. To establish acceptance of the application usage policy, a click-through banner at application logon is required. The application must prevent further activity until the user executes a positive action to manifest agreement by clicking on a box indicating "OK".

Check Content

Examine the configuration.

Verify that the Central Log Server is configured to retain the Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions.

If the Central Log Server is not configured to retain the Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions, this is a finding.

Fix Text

Configure the Central Log Server to retain the Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions.