II - Mission Support Sensitive
Rules and Groups employed by this XCCDF Profile
-
The WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.
<VulnDiscussion>Encryption is only as good as the encryption modules utilized. Unapproved cryptographic module algorithms cannot be verified ...Rule Medium Severity -
SRG-APP-000402-AS-000247
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must accept Personal Identity Verification (PIV) credentials from other federal agencies to access the management interface.
<VulnDiscussion>Personal Identity Verification (PIV) credentials are those credentials issued by federal agencies that conform to FIPS Public...Rule Medium Severity -
SRG-APP-000514-AS-000137
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must use DoD-approved Signer Certificates.
<VulnDiscussion>Class 3 PKI certificates are used for servers and software signing rather than for identifying individuals. Class 4 certifica...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules