Skip to content

No profile (default benchmark)

Rules and Groups employed by this XCCDF Profile

  • CounterACT must terminate all network connections associated with an SSH connection session upon Exit, session disconnection, or after 10 minutes of inactivity, except where prevented by documented and validated mission requirements.

    <VulnDiscussion>Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take c...
    Rule Medium Severity
  • SRG-APP-000231-NDM-000271

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must allow only authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media.

    &lt;VulnDiscussion&gt;This protection is required to prevent unauthorized alteration, corruption, or disclosure of information when not stored dire...
    Rule Medium Severity
  • SRG-APP-000125-NDM-000241

    <GroupDescription></GroupDescription>
    Group
  • If any logs are stored locally which are not sent to the centralized audit server, CounterACT must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

    &lt;VulnDiscussion&gt;Protection of log data includes ensuring log data is not accidentally lost or deleted. Regularly backing up audit records to ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules