I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000133-NDM-000244

  • CounterACT must limit privileges to change the software resident within software libraries.

    &lt;VulnDiscussion&gt;Changes to any software components of the network device can have significant effects on the overall security of the network....
    Rule Medium Severity
  • SRG-APP-000169-NDM-000257

  • CounterACT must enforce password complexity by requiring that at least one special character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule Medium Severity
  • SRG-APP-000515-NDM-000325

  • CounterACT must sent audit logs to a centralized audit server (i.e., syslog server).

    &lt;VulnDiscussion&gt;Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common...
    Rule Medium Severity
  • SRG-APP-000374-NDM-000299

  • CounterACT must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC).

    &lt;VulnDiscussion&gt;If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analys...
    Rule Medium Severity
  • SRG-APP-000373-NDM-000298

  • CounterACT must be configured to synchronize internal information system clocks with the organizations primary and secondary NTP servers.

    &lt;VulnDiscussion&gt;The loss of connectivity to a particular authoritative time source will result in the loss of time synchronization (free-run ...
    Rule Medium Severity

