From Application Security and Development Security Technical Implementation Guide
Part of SRG-APP-000069
Associated with: CCI-000050
The banner must be acknowledged by the user prior to allowing the user access to the application. This provides assurance that the user has seen the message and accepted the conditions for access. If the consent banner is not acknowledged by the user, DoD will not be in compliance with system use notifications required by law.
If the application has no interactive user interface, this requirement is not applicable. If the user interface is only available via the OS console, e.g., a fat client application installed on a GFE desktop or laptop, and that GFE is configured to display the DoD banner, this requirement is not applicable. Access the application and authenticate if necessary. Verify the banner is displayed and action must be taken to accept terms of use. If the banner is not displayed or no action must be taken to accept terms of use, this is a finding.
Configure the application to retain the standard DoD-approved banner until the user accepts the usage conditions prior to granting access to the application.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer