Container Platform Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The container platform must display the Standard Mandatory DoD Notice and Consent Banner before granting access to platform components.
The container platform has countless components where different access levels are needed. To control access, the user must first log in to the component and then be presented with a DoD-approved us...Rule Low Severity -
The container platform must generate audit records when successful/unsuccessful attempts to access privileges occur.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
All audit records must identify what type of event has occurred within the container platform.
Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...Rule Medium Severity -
The container platform audit records must have a date and time association with all events.
Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...Rule Medium Severity -
All audit records must identify the source of the event within the container platform.
Audit data is important when there are issues, to include security incidents that must be investigated. Since the audit data may be part of a larger audit system, it is important for the audit data...Rule Medium Severity -
All audit records must identify any containers associated with the event within the container platform.
Without information that establishes the identity of the containers offering user services or running on behalf of a user within the platform associated with audit events, security personnel cannot...Rule Medium Severity -
The container platform must generate audit records containing the full-text recording of privileged commands or the individual identities of group account users.
During an investigation of an incident, it is important to fully understand what took place. Often, information is not part of the audited event due to the data's nature, security risk, or audit lo...Rule Medium Severity -
The container platform must protect audit information from unauthorized modification.
If audit data were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity would be impossible to achieve. To ensure the veracity of...Rule Medium Severity -
The container platform must protect audit information from unauthorized deletion.
If audit data were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity would be impossible to achieve. To ensure the veracity of...Rule Medium Severity -
The container platform must protect audit tools from unauthorized access.
Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on au...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.