I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000439-AS-000274

    Group
  • The WebSphere Application Server must remove all export ciphers to protect the confidentiality and integrity of transmitted information.

    Export grade encryption suites are not strong and do not meet DoD requirements. The encryption for the session becomes easy for the attacker to break. Do not use export grade encryption. Informatio...
    Rule Medium Severity
  • SRG-APP-000440-AS-000166

    Group
  • The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted.

    A Core Group (HA Domain) is a component of the high availability manager function. It can contain stand-alone servers, cluster members, node agents, administrative agents, and the deployment manage...
    Rule Medium Severity
  • SRG-APP-000440-AS-000167

    Group
  • The WebSphere Application Server plugin must be configured to use HTTPS only.

    The Web server plug-in transmits information from the Web server to the Web container over HTTP by default. Extra steps must be taken to protect the traffic from the Web server to the Web container...
    Rule Medium Severity
  • SRG-APP-000454-AS-000268

    Group
  • The WebSphere Application Server must remove organization-defined software components after updated versions have been installed.

    By default, when updating WebSphere application server, the older version of binaries are saved in case a "roll back" is necessary. Not keeping the older version makes it more difficult for attacke...
    Rule Medium Severity
  • SRG-APP-000456-AS-000266

    Group
  • The WebSphere Application Server must apply the latest security fixes.

    Security vulnerabilities are often addressed by testing and applying the latest security patches and fix packs. Latest fixpacks can be found at: http://www-01.ibm.com/support/docview.wss?uid=swg270...
    Rule Medium Severity
  • SRG-APP-000456-AS-000266

    Group
  • The WebSphere Application Server must install security-relevant software updates within the time period directed by an authoritative source (e.g., IAVMs, CTOs, DTMs, and STIGs).

    Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (incl...
    Rule Medium Severity
