Skip to content

III - Administrative Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000516-NDM-000344

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

    &lt;VulnDiscussion&gt;For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB p...
    Rule Medium Severity
  • SRG-APP-000516-NDM-000344

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

    &lt;VulnDiscussion&gt;For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB p...
    Rule Medium Severity
  • SRG-APP-000516-NDM-000333

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must enable Threat Protection notifications to alert security personnel to Cyber events detected by a CounterACT IAW CJCSM 6510.01B.

    &lt;VulnDiscussion&gt;CJCSM 6510.01B, "Cyber Incident Handling Program", in subsection e.(6)(c) sets forth requirements for Cyber events detected b...
    Rule Medium Severity
  • SRG-APP-000408-NDM-000314

    <GroupDescription></GroupDescription>
    Group
  • CounterACT appliances performing maintenance functions must restrict use of these functions to authorized personal only.

    &lt;VulnDiscussion&gt;There are security-related issues arising from software brought into the network device specifically for diagnostic and repai...
    Rule High Severity
  • SRG-APP-000516-NDM-000337

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must employ automated mechanisms to centrally apply authentication settings.

    &lt;VulnDiscussion&gt;The use of authentication servers or other centralized management servers for providing centralized authentication services i...
    Rule Medium Severity
  • SRG-APP-000142-NDM-000245

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must disable all unnecessary and/or nonsecure plugins.

    &lt;VulnDiscussion&gt;CounterACT is capable of providing a wide variety of functions and services. Some of the functions and services provided by d...
    Rule High Severity
  • SRG-APP-000190-NDM-000267

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must terminate all network connections associated with an Enterprise Manager Console session upon Exit, or session disconnection, or after 10 minutes of inactivity, except where prevented by documented and validated mission requirements.

    &lt;VulnDiscussion&gt;Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take c...
    Rule Medium Severity
  • SRG-APP-000190-NDM-000267

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must terminate all network connections associated with an SSH connection session upon Exit, session disconnection, or after 10 minutes of inactivity, except where prevented by documented and validated mission requirements.

    &lt;VulnDiscussion&gt;Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take c...
    Rule Medium Severity
  • SRG-APP-000231-NDM-000271

    <GroupDescription></GroupDescription>
    Group
  • CounterACT must allow only authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media.

    &lt;VulnDiscussion&gt;This protection is required to prevent unauthorized alteration, corruption, or disclosure of information when not stored dire...
    Rule Medium Severity
  • SRG-APP-000125-NDM-000241

    <GroupDescription></GroupDescription>
    Group
  • If any logs are stored locally which are not sent to the centralized audit server, CounterACT must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

    &lt;VulnDiscussion&gt;Protection of log data includes ensuring log data is not accidentally lost or deleted. Regularly backing up audit records to ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules