VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Photon operating system must configure Secure Shell (SSH) to ignore user-specific trusted hosts lists.

    SSH trust relationships enable trivial lateral spread after a host compromise and therefore must be explicitly disabled. Individual users can have a local list of trusted remote machines, which mus...
    Rule Medium Severity
  • The Photon operating system must be configured so that the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.

    When the Ctrl-Alt-Del target is enabled, a locally logged-on user who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a ...
    Rule Medium Severity
  • The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted.

    ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An ill...
    Rule Medium Severity
  • The Photon operating system must be configured to protect the Secure Shell (SSH) private host key from unauthorized access.

    If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
    Rule Medium Severity
  • The Photon operating system must implement only approved Message Authentication Codes (MACs) to protect the integrity of remote access sessions.

    Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DOD nonpublic information systems by an auth...
    Rule High Severity
