DBN-6300 NDM Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000325-NDM-000285
<GroupDescription></GroupDescription>Group -
SRG-APP-000372-NDM-000297
<GroupDescription></GroupDescription>Group -
The DBN-6300 must produce audit log records containing information to establish the source of events.
<VulnDiscussion>In order to compile an accurate risk assessment and provide forensic analysis, it is essential for security personnel to know...Rule Low Severity -
SRG-APP-000099-NDM-000229
<GroupDescription></GroupDescription>Group -
SRG-APP-000023-NDM-000205
<GroupDescription></GroupDescription>Group -
The DBN-6300 must provide automated support for account management functions.
<VulnDiscussion>If account management functions are not automatically enforced, an attacker could gain privileged access to a vital element o...Rule High Severity -
SRG-APP-000026-NDM-000208
<GroupDescription></GroupDescription>Group -
The DBN-6300 must uniquely identify and authenticate organizational administrators (or processes acting on behalf of organizational administrators).
<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational administrators must be uniquely identified and au...Rule High Severity -
SRG-APP-000149-NDM-000247
<GroupDescription></GroupDescription>Group -
SRG-APP-000166-NDM-000254
<GroupDescription></GroupDescription>Group -
The DBN-6300 must automatically audit account creation.
<VulnDiscussion>Upon gaining access to a network device, an attacker will often first attempt to create a persistent method of reestablishing...Rule Medium Severity -
SRG-APP-000027-NDM-000209
<GroupDescription></GroupDescription>Group -
The DBN-6300 must produce audit records containing information to establish when (date and time) the events occurred.
<VulnDiscussion>It is essential for security personnel to know what is being done, what was attempted, where it was done, when it was done, a...Rule Low Severity -
SRG-APP-000097-NDM-000227
<GroupDescription></GroupDescription>Group -
The DBN-6300 must automatically audit account modification.
<VulnDiscussion>Upon gaining access to a network device, an attacker will often attempt to create a persistent method of reestablishing acces...Rule Medium Severity -
The DBN-6300 must be compliant with at least one IETF Internet standard authentication protocol.
<VulnDiscussion>Protecting access authorization information (i.e., access control decisions) ensures that authorization information cannot be...Rule Medium Severity -
SRG-APP-000029-NDM-000211
<GroupDescription></GroupDescription>Group -
The DBN-6300 must automatically audit account removal actions.
<VulnDiscussion>Account management, as a whole, ensures access to the network device is being controlled in a secure manner by granting acces...Rule Medium Severity -
SRG-APP-000065-NDM-000214
<GroupDescription></GroupDescription>Group -
The DBN-6300 must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.
<VulnDiscussion>By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.