Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000015-AS-000010

    <GroupDescription></GroupDescription>
    Group
  • The MQ Appliance messaging server must implement cryptography mechanisms to protect the integrity of the remote access session.

    &lt;VulnDiscussion&gt;Encryption is critical for protection of remote access sessions. If encryption is not being used for integrity, malicious use...
    Rule Medium Severity
  • SRG-APP-000358-AS-000064

    <GroupDescription></GroupDescription>
    Group
  • The MQ Appliance messaging server must off-load log records onto a different system or media from the system being logged.

    &lt;VulnDiscussion&gt;Information system logging capability is critical for accurate forensic analysis. Log record content that may be necessary to...
    Rule Medium Severity
  • SRG-APP-000372-AS-000212

    <GroupDescription></GroupDescription>
    Group
  • The MQ Appliance messaging server must synchronize internal MQ Appliance messaging server clocks to an authoritative time source when the time difference is greater than the organization-defined time period.

    &lt;VulnDiscussion&gt;Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysi...
    Rule Low Severity
  • SRG-APP-000371-AS-000077

    <GroupDescription></GroupDescription>
    Group
  • The MQ Appliance messaging server must compare internal MQ Appliance messaging server clocks at least every 24 hours with an authoritative time source.

    &lt;VulnDiscussion&gt;Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysi...
    Rule Low Severity
  • SRG-APP-000416-AS-000140

    <GroupDescription></GroupDescription>
    Group
  • The MQ Appliance messaging server must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

    &lt;VulnDiscussion&gt;Cryptography is only as strong as the encryption modules/algorithms employed to encrypt the data. Use of weak or untested enc...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules