Skip to content
Log In

VMware vSphere 7.0 VAMI Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000266-WSR-000142

    Group
    Show

  • VAMI must disable directory browsing.

    The goal is to completely control the web user's experience in navigating any portion of the web document root directories. Ensuring all web content directories have at least the equivalent of an "...
    Rule Medium Severity
    Show

  • SRG-APP-000266-WSR-000159

    Group
    Show

  • SRG-APP-000266-WSR-000160

    Group
    Show

  • VAMI must have debug logging disabled.

    Information needed by an attacker to begin looking for possible vulnerabilities in a web server includes any information about the web server and plug-ins or modules being used. When debugging or t...
    Rule Medium Severity
    Show

  • SRG-APP-000435-WSR-000147

    Group
    Show

  • SRG-APP-000439-WSR-000156

    Group
    Show

  • VAMI must implement Transport Layer Security (TLS) 1.2 exclusively.

    TLS is a required transmission protocol for a web server hosting controlled information. The use of TLS provides confidentiality of data in transit between the web server and client. FIPS 140-2 app...
    Rule Medium Severity
    Show

  • SRG-APP-000516-WSR-000174

    Group
    Show

  • VAMI must force clients to select the most secure cipher.

    During a Transport Layer Security (TLS) session negotiation, when choosing a cipher during a handshake, normally the client's preference is used. This is potentially problematic as a malicious, da...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules