Container Platform Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000126
<GroupDescription></GroupDescription>Group -
The container platform audit records must record user access start and end times.
<VulnDiscussion>The container platform must generate audit records showing start and end times for users and services acting on behalf of a u...Rule Medium Severity -
SRG-APP-000506
<GroupDescription></GroupDescription>Group -
The container platform must retain the Standard Mandatory DoD Notice and Consent Banner on the screen until users acknowledge the usage and conditions and take explicit actions to log on for further access.
<VulnDiscussion>The banner must be acknowledged by the user prior to allowing the user access to any container platform component. This provi...Rule Low Severity -
SRG-APP-000089
<GroupDescription></GroupDescription>Group -
The container platform must generate audit records for all DoD-defined auditable events within all components in the platform.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000090
<GroupDescription></GroupDescription>Group -
All audit records must identify the source of the event within the container platform.
<VulnDiscussion>Audit data is important when there are issues, to include security incidents that must be investigated. Since the audit data ...Rule Medium Severity -
SRG-APP-000099
<GroupDescription></GroupDescription>Group -
All audit records must generate the event results within the container platform.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000100
<GroupDescription></GroupDescription>Group -
All audit records must identify any users associated with the event within the container platform.
<VulnDiscussion>Without information that establishes the identity of the user associated with the events, security personnel cannot determine...Rule Medium Severity -
The container platform must use TLS 1.2 or greater for secure communication.
<VulnDiscussion>The authenticity and integrity of the container platform and communication between nodes and components must be secure. If an...Rule Medium Severity -
SRG-APP-000023
<GroupDescription></GroupDescription>Group -
Least privilege access and need to know must be required to access the container platform keystore.
<VulnDiscussion>The container platform keystore is used to store access keys and tokens for trusted access to and from the container platform...Rule Medium Severity -
SRG-APP-000038
<GroupDescription></GroupDescription>Group -
SRG-APP-000100
<GroupDescription></GroupDescription>Group -
All audit records must identify any containers associated with the event within the container platform.
<VulnDiscussion>Without information that establishes the identity of the containers offering user services or running on behalf of a user wit...Rule Medium Severity -
The container platform must generate audit records when concurrent logons from different workstations and systems occur.
<VulnDiscussion>The container platform and its components must generate audit records for concurrent logons from workstations perform remote ...Rule Medium Severity -
SRG-APP-000507
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.