Server applications are hardened using ASD and vendor hardening guidance, with the most restrictive guidance taking precedence when conflicts occur.
Topic
Hardening server application configurations
Applicable to
all
History
Priority
should
Dec 2023
Server applications are hardened using ASD and vendor hardening guidance, with the most restrictive guidance taking precedence when conflicts occur.
The existing control relating to server applications being hardened using ASD and vendor hardening guidance was amended to recommend that the most restrictive guidance take precedence when conflicts occur.
Sep 2023
Server applications are hardened using ASD and vendor hardening guidance.
References to ‘ACSC’ were replaced with ‘ASD’.
Sep 2023
Server applications are hardened using ASD and vendor hardening guidance.
The existing control covering hardening of server applications was reworded to ensure consistency of language with similar controls.
Jun 2023
ACSC and vendor hardening guidance for server applications is implemented.
The existing control relating to ‘ACSC or vendor hardening guidance being implemented for server applications’ was amended to ‘ACSC and vendor hardening guidance being implemented for server applications’ in order to match the approach recommended for operating systems within control ISM-1409.
Mar 2023
ACSC or vendor hardening guidance for server applications is implemented.
An existing control relating to database management system (DBMS) software being configured according to vendor guidance was expanded to cover all server applications.
2017
DBMS software should be configured according to vendor guidance.
Control Text Changed. No public explaination.
2015
Agencies should securely configure DBMS software as per their vendor’s guidance.