Details
Applications are required to display the following information:
(i) displays the system use information when appropriate, before granting further access;
(ii) displays references, if any, to monitoring, recording, or auditing consistent with privacy accommodations for such systems that generally prohibit those activities; and
(iii) includes in the notice given to public users of the information system, a description of the authorized uses of the system.
System use notification messages can be implemented in the form of warning banners displayed when individuals login to the information system. System use notification is intended only for information system access including an interactive login interface with a human user and is not intended to require notification when an interactive interface does not exist.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Configure publicly accessible SharePoint Web applications home page to display a DoD warning banner before logging in.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.
References
- 800-53|AC-8c.1.
- 800-53|AC-8c.2.
- 800-53|AC-8c.3.
- CAT|II
- CCI|CCI-001384
- CCI|CCI-001385
- CCI|CCI-001386
- CCI|CCI-001387
- CCI|CCI-001388
- Rule-ID|SV-36432r1_rule
- STIG-ID|SHPT-00-000245
- Vuln-ID|V-28256