Skip to content
Log In

ForeScout CounterACT NDM Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000065-NDM-000214

    Group
    Show

  • SRG-APP-000068-NDM-000215

    Group
    Show

  • CounterACT must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.

    Display of the DoD-approved use notification before granting access to CounterACT ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Order...
    Rule Low Severity
    Show

  • SRG-APP-000168-NDM-000256

    Group
    Show

  • CounterACT must enforce password complexity by requiring that at least one numeric character be used.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000174-NDM-000261

    Group
    Show

  • SRG-APP-000165-NDM-000253

    Group
    Show

  • CounterACT must prohibit password reuse for a minimum of five generations.

    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. To meet password policy requirements, passwords need to...
    Rule Medium Severity
    Show

  • SRG-APP-000164-NDM-000252

    Group
    Show

  • CounterACT must enforce a minimum 15-character password length.

    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to d...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000335

    Group
    Show

  • CounterACT must enforce access restrictions associated with changes to the system components.

    Changes to the hardware or software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000334

    Group
    Show

  • CounterACT must generate audit log events for a locally developed list of auditable events.

    Auditing and logging are key components of any security architecture. Logging the actions of specific events provides a means to investigate an attack, recognize resource utilization or capacity th...
    Rule Low Severity
    Show

  • SRG-APP-000516-NDM-000340

    Group
    Show

  • SRG-APP-000516-NDM-000341

    Group
    Show

  • CounterACT must support organizational requirements to conduct backups of information system documentation, including security-related documentation, when changes occur or weekly, whichever is sooner.

    Information system backup is a critical step in maintaining data assurance and availability. Information system and security-related documentation contains information pertaining to system configur...
    Rule Low Severity
    Show

  • SRG-APP-000516-NDM-000344

    Group
    Show

  • CounterACT must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

    For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000344

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules