Skip to content

I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000068-AS-000035

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server management interface must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.

    &lt;VulnDiscussion&gt;Application servers are required to display the Standard Mandatory DoD Notice and Consent Banner before granting access to th...
    Rule Medium Severity
  • SRG-APP-000069-AS-000036

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server management interface must retain the Standard Mandatory DoD Notice and Consent Banner on the screen until users acknowledge the usage conditions and take explicit actions to log on for further access.

    &lt;VulnDiscussion&gt;To establish acceptance of system usage policy, a click-through banner at the application server management interface logon i...
    Rule Medium Severity
  • SRG-APP-000091-AS-000052

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must generate log records when successful/unsuccessful attempts to access subject privileges occur.

    &lt;VulnDiscussion&gt;Accessing a subject's privileges can be used to elevate a lower-privileged subject's privileges temporarily in order to cause...
    Rule Low Severity
  • SRG-APP-000357-AS-000038

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must allocate JVM log record storage capacity in accordance with organization-defined log record storage requirements.

    &lt;VulnDiscussion&gt;JVM logs are logs used to store application and runtime related events, rather than audit related events. They are mainly use...
    Rule Medium Severity
  • SRG-APP-000357-AS-000038

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must allocate audit log record storage capacity in accordance with organization-defined log record storage requirements.

    &lt;VulnDiscussion&gt;The proper management of log records not only dictates proper archiving processes and procedures be established, it also requ...
    Rule Medium Severity
  • SRG-APP-000360-AS-000066

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must provide an immediate real-time alert to authorized users of all log failure events requiring real-time alerts.

    &lt;VulnDiscussion&gt;It is critical for the appropriate personnel to be aware if a system is at risk of failing to process logs as required. Log p...
    Rule Medium Severity
  • SRG-APP-000108-AS-000067

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must alert the SA and ISSO, at a minimum, in the event of a log processing failure.

    &lt;VulnDiscussion&gt;Logs are essential to monitor the health of the system, investigate changes that occurred to the system, or investigate a sec...
    Rule Low Severity
  • SRG-APP-000108-AS-000067

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server audit subsystem failure action must be set to Log warning.

    &lt;VulnDiscussion&gt;Logs are essential to monitor the health of the system, investigate changes that occurred to the system, or investigate a sec...
    Rule Medium Severity
  • SRG-APP-000109-AS-000068

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern).

    &lt;VulnDiscussion&gt;It is critical that, when a system is at risk of failing to process logs, it detects and takes action to mitigate the failure...
    Rule Low Severity
  • SRG-APP-000109-AS-000070

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server high availability applications must be configured to fail over to another system in the event of log subsystem failure.

    &lt;VulnDiscussion&gt;This requirement is dependent upon system MAC and availability. If the system MAC and availability do not specify redundancy ...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules