From: charlie Date: Fri, 11 Nov 2016 19:18:36 +0000 (+0100) Subject: Added notapplicable to items for Level 3 checks. X-Git-Url: https://git.martlubbers.net/?a=commitdiff_plain;h=e94a1a8972ac05861760c2e6606e72f8ee3aa869;p=ssproject1617.git Added notapplicable to items for Level 3 checks. --- diff --git a/report/v8_error.tex b/report/v8_error.tex index d839e86..4de794c 100644 --- a/report/v8_error.tex +++ b/report/v8_error.tex @@ -77,18 +77,12 @@ Documentation suggesting users should verify that the database driver they end up using doesn't include sensitive data in exception messages is absent. \end{result} - \item\pass{} Verify that all non-printable symbols and field +\notapplicable{\item Verify that all non-printable symbols and field separators are properly encoded in log entries, to - prevent log injection. + prevent log injection.} - \begin{result} - \end{result} - - \item\pass{} Verify that log fields from trusted and untrusted - sources are distinguishable in log entries. - - \begin{result} - \end{result} +\notapplicable{\item Verify that log fields from trusted and untrusted + sources are distinguishable in log entries.} \item\fail{} Verify that an audit log or similar allows for non-repudiation of key transactions. @@ -98,20 +92,14 @@ Only potential requests are logged even before it's verified such an action exists. \end{result} - \item\pass{} Verify that security logs have some form of +\notapplicable{\item Verify that security logs have some form of integrity checking or controls to prevent - unauthorized modification. - - \begin{result} - \end{result} + unauthorized modification.} - \item\pass{} Verify that the +\notapplicable{\item Verify that the logs are stored on a different partition than the application is running with - proper log rotation. - - \begin{result} - \end{result} + proper log rotation.} \item\fail{} Time sources should be synchronized to ensure logs have the correct time.