Skip to content
Log In

Application Server Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000125

    Group
    Show

  • The application server must back up log records at least every seven days onto a different system or system component than the system or component being logged.

    Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up log records to a different system or onto separate media from the system the application server is ...
    Rule Medium Severity
    Show

  • SRG-APP-000126

    Group
    Show

  • The application server must use cryptographic mechanisms to protect the integrity of log information.

    Protecting the integrity of log records helps to ensure log files are not tampered with. Cryptographic mechanisms are the industry-established standard used to protect the integrity of log data. An...
    Rule Medium Severity
    Show

  • SRG-APP-000131

    Group
    Show

  • SRG-APP-000133

    Group
    Show

  • The application server must limit privileges to change the software resident within software libraries.

    Application servers have the ability to specify that the hosted applications utilize shared libraries. The application server must have a capability to divide roles based upon duties wherein one pr...
    Rule Medium Severity
    Show

  • SRG-APP-000133

    Group
    Show

  • SRG-APP-000141

    Group
    Show

  • SRG-APP-000142

    Group
    Show

  • SRG-APP-000148

    Group
    Show

  • SRG-APP-000149

    Group
    Show

  • The application server must use multifactor authentication for network access to privileged accounts.

    Multifactor authentication creates a layered defense and makes it more difficult for an unauthorized person to access the application server. If one factor is compromised or broken, the attacker s...
    Rule High Severity
    Show

  • SRG-APP-000151

    Group
    Show

  • SRG-APP-000153

    Group
    Show

  • The application server must authenticate users individually prior to using a group authenticator.

    To ensure individual accountability and prevent unauthorized access, application server users (and any processes acting on behalf of application server users) must be individually identified and au...
    Rule Medium Severity
    Show

  • SRG-APP-000156

    Group
    Show

  • SRG-APP-000163

    Group
    Show

  • The application server must disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.

    Inactive identifiers pose a risk to systems and applications. Attackers that are able to exploit an inactive identifier can potentially obtain and maintain undetected access to the application. Own...
    Rule Medium Severity
    Show

  • SRG-APP-000171

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules