CCI|CCI-002346

Title

The organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2013

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
F5BI-AS-000157 - To protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Application Security Manager 11.x STIG v1r1
F5BI-AS-000157 - To protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000159 - To protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000159 - To protect against data mining, the BIG-IP ASM module must be configured to prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Application Security Manager 11.x STIG v1r1
F5BI-AS-000161 - To protect against data mining, The BIG-IP ASM module must be configured to prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Application Security Manager 11.x STIG v1r1
F5BI-AS-000161 - To protect against data mining, The BIG-IP ASM module must be configured to prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-LT-000157 - To protect against data mining, the BIG-IP Core implementation must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3
F5BI-LT-000157 - To protect against data mining, the BIG-IP Core implementation must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
F5BI-LT-000157 - To protect against data mining, the BIG-IP Core implementation must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r2
F5BI-LT-000157 - To protect against data mining, the BIG-IP Core implementation must be configured to prevent code injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, queries, and fields when providing content filtering to virtual servers.	F5	DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000159 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3
F5BI-LT-000159 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r2
F5BI-LT-000159 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code.	F5	DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000159 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
F5BI-LT-000161 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent SQL injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, and database fields.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3
F5BI-LT-000161 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent SQL injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, and database fields.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
F5BI-LT-000161 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent SQL injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, and database fields.	F5	DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r2
F5BI-LT-000161 - To protect against data mining, the BIG-IP Core implementation providing content filtering must be configured to prevent SQL injection attacks from being launched against data storage objects, including, at a minimum, databases, database records, and database fields.	F5	DISA F5 BIG-IP Local Traffic Manager STIG v2r3
JUSX-IP-000011 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.	Juniper	DISA Juniper SRX Services Gateway IDPS v1r2
JUSX-IP-000012 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent code injection attacks launched against application objects, including, at a minimum, application URLs and application code.	Juniper	DISA Juniper SRX Services Gateway IDPS v1r2
JUSX-IP-000013 - To protect against unauthorized data mining, the Juniper Networks SRX Series Gateway IDPS must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.	Juniper	DISA Juniper SRX Services Gateway IDPS v1r2
PANW-AG-000080 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.	Palo_Alto	DISA STIG Palo Alto ALG v2r1
PANW-AG-000080 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.	Palo_Alto	DISA STIG Palo Alto ALG v2r2
PANW-AG-000080 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.	Palo_Alto	DISA STIG Palo Alto ALG v2r3
PANW-AG-000080 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.	Palo_Alto	DISA STIG Palo Alto ALG v2r4
PANW-AG-000081 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.	Palo_Alto	DISA STIG Palo Alto ALG v2r3
PANW-AG-000081 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.	Palo_Alto	DISA STIG Palo Alto ALG v2r1
PANW-AG-000081 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.	Palo_Alto	DISA STIG Palo Alto ALG v2r2
PANW-AG-000081 - To protect against data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.	Palo_Alto	DISA STIG Palo Alto ALG v2r4
PANW-IP-000032 - To protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.	Palo_Alto	DISA STIG Palo Alto IDPS v2r2
PANW-IP-000032 - To protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent SQL and other code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.	Palo_Alto	DISA STIG Palo Alto IDPS v2r3
PANW-IP-000033 - To protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code.	Palo_Alto	DISA STIG Palo Alto IDPS v2r2

Detections

Analytics

CCI|CCI-002346

Title

Reference Item Details

Audit Items