Skip to content
Log In

II - Mission Support Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-NET-000512

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to dynamically implement configuration file changes.

    Configuration management includes the management of security features and assurances through control of changes made to device hardware, software, and firmware throughout the life cycle of a produc...
    Rule Medium Severity
    Show

  • SRG-NET-000512

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to disable any auto answer features.

    An Enterprise Voice, Video, and Messaging Endpoint set to automatically answer a call with audio or video capabilities enabled risks transmitting information not intended for the caller. In the eve...
    Rule Medium Severity
    Show

  • SRG-NET-000518

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must provide a logout capability for user-initiated communications sessions.

    If a user cannot explicitly end a session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. However, for some types of interactive sessions inc...
    Rule Medium Severity
    Show

  • SRG-NET-000519

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must display an explicit logout message to users indicating the reliable termination of communications sessions.

    If a user cannot explicitly end a session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. Users need to be aware of whether or not the session...
    Rule Medium Severity
    Show

  • SRG-NET-000522

    Group
    Show

  • For accounts using password or PINs for authentication, the Enterprise Voice, Video, and Messaging Endpoint must store only cryptographic representations of passwords.

    If passwords and PINs are not encrypted when stored, they may be read if the storage location is compromised. Note that DOD requires the use two-factor, CAC-enabled authentication and the use of ...
    Rule Medium Severity
    Show

  • SRG-NET-000530

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must prohibit client negotiation to TLS 1.1, TLS 1.0, SSL 2.0, or SSL 3.0.

    Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol. This requ...
    Rule High Severity
    Show

  • SRG-NET-000015

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must not be configured with any vendor default accounts, PINs, or passwords to access configuration settings.

    Many Enterprise Voice, Video, and Messaging Endpoints can set or display configuration settings in the instrument itself. This presents a risk if a user obtains information such as the IP addresses...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules