Skip to content
Log In

II - Mission Support Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-NET-000512

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to dynamically implement configuration file changes.

    Configuration management includes the management of security features and assurances through control of changes made to device hardware, software, and firmware throughout the life cycle of a produc...
    Rule Medium Severity
    Show

  • SRG-NET-000512

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must be configured to disable any auto answer features.

    An Enterprise Voice, Video, and Messaging Endpoint set to automatically answer a call with audio or video capabilities enabled risks transmitting information not intended for the caller. In the eve...
    Rule Medium Severity
    Show

  • SRG-NET-000518

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must provide a logout capability for user-initiated communications sessions.

    If a user cannot explicitly end a session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. However, for some types of interactive sessions inc...
    Rule Medium Severity
    Show

  • SRG-NET-000519

    Group
    Show

  • The Enterprise Voice, Video, and Messaging Endpoint must display an explicit logout message to users indicating the reliable termination of communications sessions.

    If a user cannot explicitly end a session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. Users need to be aware of whether or not the session...
    Rule Medium Severity
    Show

  • SRG-NET-000522

    Group
    Show

  • For accounts using password or PINs for authentication, the Enterprise Voice, Video, and Messaging Endpoint must store only cryptographic representations of passwords.

    If passwords and PINs are not encrypted when stored, they may be read if the storage location is compromised. Note that DOD requires the use two-factor, CAC-enabled authentication and the use of ...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules