I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000266-AS-000168
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must identify potentially security-relevant error conditions.
<VulnDiscussion>The structure and content of error messages need to be carefully considered by the organization and development team. Any app...Rule Medium Severity -
SRG-APP-000108-AS-000067
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must alert the SA and ISSO, at a minimum, in the event of a log processing failure.
<VulnDiscussion>Logs are essential to monitor the health of the system, investigate changes that occurred to the system, or investigate a sec...Rule Medium Severity -
SRG-APP-000435-AS-000163
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must protect against or limit the effects of all types of Denial of Service (DoS) attacks by employing operationally-defined security safeguards.
<VulnDiscussion>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot ac...Rule Medium Severity -
SRG-APP-000404-AS-000249
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must accept FICAM-approved third-party credentials.
<VulnDiscussion>Access may be denied to legitimate users if FICAM-approved third-party credentials are not accepted. This requirement typica...Rule Low Severity -
SRG-APP-000181-AS-000255
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must provide a log reduction capability that supports on-demand reporting requirements.
<VulnDiscussion>The ability to generate on-demand reports, including after the log data has been subjected to log reduction, greatly facilita...Rule Medium Severity -
SRG-APP-000109-AS-000070
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must be configured to fail over to another system in the event of log subsystem failure.
<VulnDiscussion>This requirement is dependent upon system MAC and availability. If the system MAC and availability do not specify redundancy ...Rule Medium Severity -
SRG-APP-000225-AS-000154
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must provide a clustering capability.
<VulnDiscussion>This requirement is dependent upon system criticality and confidentiality requirements. If the system categorization and conf...Rule Medium Severity -
SRG-APP-000219-AS-000147
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must ensure authentication of both SSH client and server during the entire session.
<VulnDiscussion>This control focuses on communications protection at the session, versus packet level. At the application layer, session IDs...Rule Medium Severity -
SRG-APP-000158-AS-000108
<GroupDescription></GroupDescription>Group -
The MQ Appliance messaging server must uniquely identify all network-connected endpoint devices before establishing any connection.
<VulnDiscussion>Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. For...Rule Medium Severity -
SRG-APP-000172-AS-000121
<GroupDescription></GroupDescription>Group -
Access to the MQ Appliance messaging server must utilize encryption when using LDAP for authentication.
<VulnDiscussion>Passwords need to be protected at all times, and encryption is the standard method for protecting passwords during transmissi...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.