VMware vSphere 7.0 VAMI Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000141-WSR-000083
Group -
VAMI must have resource mappings set to disable the serving of certain file types.
Resource mapping is the process of tying a particular file type to a process in the web server that can serve that type of file to a requesting client and to identify which file types are not to be...Rule Medium Severity -
SRG-APP-000141-WSR-000085
Group -
VAMI must not have the Web Distributed Authoring (WebDAV) servlet installed.
A web server can be installed with functionality that, by its nature, is not secure. WebDAV is an extension to the HTTP protocol that, when developed, was meant to allow users to create, change, an...Rule Medium Severity -
SRG-APP-000141-WSR-000086
Group -
SRG-APP-000176-WSR-000096
Group -
VAMI must protect the keystore from unauthorized access.
The web server's private key is used to prove the identity of the server to clients and securely exchange the shared secret key used to encrypt communications between the web server and clients. By...Rule Medium Severity -
SRG-APP-000246-WSR-000149
Group -
SRG-APP-000251-WSR-000157
Group -
VAMI must set the encoding for all text Multipurpose Internet Mail Extensions (MIME) types to UTF-8.
Invalid user input occurs when a user inserts data or characters into a hosted application's data entry field and the hosted application is unprepared to process that data. This results in unantici...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.