Skip to content
ATO Pathways
  Log In

Virtual Machine Manager Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000363

    <GroupDescription></GroupDescription>
    Group
    Show

  • The VMM must notify designated personnel if baseline configurations are changed in an unauthorized manner.

    &lt;VulnDiscussion&gt;Unauthorized changes to the baseline configuration could make the VMM vulnerable to various attacks or allow unauthorized acc...
    Rule Medium Severity
    Show

  • SRG-OS-000364

    <GroupDescription></GroupDescription>
    Group
    Show

  • The VMM must enforce access restrictions associated with changes to the system.

    &lt;VulnDiscussion&gt;Failure to provide logical access restrictions associated with changes to system configuration may have significant effects o...
    Rule Medium Severity
    Show

  • SRG-OS-000365

    <GroupDescription></GroupDescription>
    Group
    Show

  • The VMM must audit the enforcement actions used to restrict access associated with changes to the system.

    &lt;VulnDiscussion&gt;Without auditing the enforcement of access restrictions against changes to the VMM configuration, it will be difficult to ide...
    Rule Medium Severity
    Show

  • SRG-OS-000366

    <GroupDescription></GroupDescription>
    Group
    Show

  • The VMM must prevent the installation of guest VMs, patches, service packs, device drivers, or VMM components without verification they have been digitally signed using a certificate that is recognized and approved by the organization.

    &lt;VulnDiscussion&gt;Changes to any software components can have significant effects on the overall security of the VMM. This requirement ensures ...
    Rule Medium Severity
    Show

  • SRG-OS-000368

    <GroupDescription></GroupDescription>
    Group
    Show

  • The VMM must accept Personal Identity Verification (PIV) credentials.

    &lt;VulnDiscussion&gt;The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules