Skip to content
Log In

DBN-6300 NDM Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000295-NDM-000279

    Group
    Show

  • SRG-APP-000319-NDM-000283

    Group
    Show

  • The DBN-6300 must automatically audit account enabling actions.

    Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to simply...
    Rule Medium Severity
    Show

  • SRG-APP-000343-NDM-000289

    Group
    Show

  • The DBN-6300 must audit the execution of privileged functions.

    Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and...
    Rule Medium Severity
    Show

  • SRG-APP-000353-NDM-000292

    Group
    Show

  • The DBN-6300 must provide the capability for organization-identified individuals or roles to change the auditing to be performed based on all selectable event criteria within near real time.

    If authorized individuals do not have the ability to modify auditing parameters in response to a changing threat environment, the organization may not be able to effectively respond, and important ...
    Rule Low Severity
    Show

  • SRG-APP-000371-NDM-000296

    Group
    Show

  • The DBN-6300 must compare internal information system clocks at least every 24 hours with an authoritative time server.

    Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when condu...
    Rule Medium Severity
    Show

  • SRG-APP-000374-NDM-000299

    Group
    Show

  • The DBN-6300 must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC).

    If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis.
    Rule Medium Severity
    Show

  • SRG-APP-000375-NDM-000300

    Group
    Show

  • The DBN-6300 must record time stamps for audit records that meet a granularity of one second for a minimum degree of precision.

    Without sufficient granularity of time stamps, it is not possible to adequately determine the chronological order of records. Time stamps generated by the application include date and time. Granula...
    Rule Medium Severity
    Show

  • SRG-APP-000381-NDM-000305

    Group
    Show

  • The DBN-6300 must audit the enforcement actions used to restrict access associated with changes to the device.

    Without auditing the enforcement of access restrictions against changes to the device configuration, it will be difficult to identify attempted attacks, and an audit trail will not be available for...
    Rule Medium Severity
    Show

  • SRG-APP-000411-NDM-000330

    Group
    Show

  • Applications used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.

    This requires the use of secure protocols instead of their unsecured counterparts, such as SSH instead of telnet, SCP instead of FTP, and HTTPS instead of HTTP. If unsecured protocols (lacking cryp...
    Rule Medium Severity
    Show

  • SRG-APP-000412-NDM-000331

    Group
    Show

  • SRG-APP-000495-NDM-000318

    Group
    Show

  • SRG-APP-000499-NDM-000319

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules