Title: The application must enforce configurable traffic volume thresholds representing auditing capacity for network traffic.
Vulnerability ID: V-32379
IA Controls: None
Description: It is critical when a system is at risk of failing to process audit logs as required, actions are automatically taken to mitigate the failure. Audit processing failures include: software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded.
One method used to thwart the auditing system is for an attacker to attempt to overwhelm the auditing system with large amounts of irrelevant data. The end result being audit logs that are either overwritten and activity thereby erased or disk space that is exhausted and any future activity is no longer logged. Applications and/or logging mechanisms employed by applications must take steps to enforce configurable volume thresholds representing the auditing capacity for network traffic.
This requirement is specific to applications and network devices that restrict network traffic. This requirement is NA for databases.
Check Text: This check is NA for databases.
Fix Text: This fix is NA for databases.[divider]