Detections
Analytics

800-53|SI-11

Title

ERROR HANDLING

Description

The information system:

Supplemental

Organizations carefully consider the structure/content of error messages. The extent to which information systems are able to identify and handle error conditions is guided by organizational policy and operational requirements. Information that could be exploited by adversaries includes, for example, erroneous logon attempts with passwords entered by mistake as the username, mission/business information that can be derived from (if not stated explicitly by) information recorded, and personal information such as account numbers, social security numbers, and credit card numbers. In addition, error messages may provide a covert channel for transmitting information.

Reference Item Details

Related: AU-2,AU-3,SC-31

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Priority: P2

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2.3.5.1.1 Configure 'Report operating system errors'WindowsCIS Windows 2003 DC v3.1.0
1.2.3.5.1.1 Configure 'Report operating system errors'WindowsCIS Windows 2003 MS v3.1.0
1.2.3.5.2 Configure 'Display Error Notification'WindowsCIS Windows 2003 MS v3.1.0
1.2.3.5.2 Configure 'Display Error Notification'WindowsCIS Windows 2003 DC v3.1.0
1.2.17.10. Promote Level 2 Errors as Errors: Level II Disabled.WindowsCIS MS Office 2007 v1.1.0 L2
1.3.2 Turn Debug OffWindowsCIS IIS 7.5 L2 v1.7.1
1.3.2 Turn Debug OffWindowsCIS IIS 7.0 L2 v1.7.1
1.3.2 Turn Debug Off - ApplicationsWindowsCIS IIS 8.0 v1.4.0 Level 2
1.3.2 Turn Debug Off - DefaultWindowsCIS IIS 8.0 v1.4.0 Level 2
1.3.3 Ensure Custom Error Messages are not OffWindowsCIS IIS 7.5 L2 v1.7.1
1.3.3 Ensure Custom Error Messages are not OffWindowsCIS IIS 7.0 L2 v1.7.1
1.3.3 Ensure Custom Error Messages are not Off - ApplicationsWindowsCIS IIS 8.0 v1.4.0 Level 2
1.3.3 Ensure Custom Error Messages are not Off - DefaultWindowsCIS IIS 8.0 v1.4.0 Level 2
1.3.4 ASP.NET stack tracing is Not EnabledWindowsCIS IIS 7.5 L1 v1.7.1
1.3.4 ASP.NET stack tracing is Not EnabledWindowsCIS IIS 7.0 L1 v1.7.1
1.3.4 ASP.NET stack tracing is Not Enabled - ApplicationsWindowsCIS IIS 8.0 v1.4.0 Level 2
1.3.4 ASP.NET stack tracing is Not Enabled - DefaultWindowsCIS IIS 8.0 v1.4.0 Level 2
1.3.10 Hide IIS HTTP Detailed Errors from Displaying RemotelyWindowsCIS IIS 7.5 L1 v1.7.1
1.3.10 Hide IIS HTTP Detailed Errors from Displaying RemotelyWindowsCIS IIS 7.0 L1 v1.7.1
1.3.10 Hide IIS HTTP Detailed Errors from Displaying Remotely - ApplicationsWindowsCIS IIS 8.0 v1.4.0 Level 1
1.3.10 Hide IIS HTTP Detailed Errors from Displaying Remotely - DefaultWindowsCIS IIS 8.0 v1.4.0 Level 1
1.4.5 Disable client facing Stack Traces (Additional checks may be required)UnixCIS Apache Tomcat5.5/6.0 L1 v1.0
1.4.5 Disable client facing Stack Traces (Check if error-page has an exception-type defined)UnixCIS Apache Tomcat5.5/6.0 L1 v1.0
1.4.5 Disable client facing Stack Traces (Check if error-page has an location defined)UnixCIS Apache Tomcat5.5/6.0 L1 v1.0
1.4.6 Turn off TRACE (check web.xml configuration files)UnixCIS Apache Tomcat5.5/6.0 L1 v1.0
1.4.6 Turn off TRACE (verify if allowTrace is set to false)UnixCIS Apache Tomcat5.5/6.0 L1 v1.0
1.13.2.1.4 Ensure 'Promote Level 2 errors as errors, not warnings' is set to DisabledWindowsCIS Microsoft Office Outlook 2016 v1.1.0 Level 1
1.13.2.1.4 Ensure 'Promote Level 2 errors as errors, not warnings' is set to DisabledWindowsCIS Microsoft Office Outlook 2013 v1.1.0 Level 1
18.8.22.1.2 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.1.0
18.8.22.1.2 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 2 v3.1.0
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Windows Server 2016 DC L2 v1.2.0
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 DC L2 v2.4.0
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 MS L2 v2.4.0
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L2 v1.2.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 MS L2 v2.4.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L2 v2.1.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L2 v1.2.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows Server 2016 DC L2 v1.2.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.1.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 2 v3.1.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 DC L2 v2.4.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 DC L2 v2.5.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 MS L2 v2.5.0
18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L2 v2.1.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 L2 v2.3.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 2 + Bitlocker v3.1.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.1.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 L2 Bitlocker v2.3.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 2 v3.1.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.1.0