Skip to content

III - Administrative Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000148-AS-000101

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server LDAP user registry must be used.

    &lt;VulnDiscussion&gt;To assure accountability and prevent unauthorized access, application server users must be uniquely identified and authentica...
    Rule Medium Severity
  • SRG-APP-000148-AS-000101

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server local file-based user registry must not be used.

    &lt;VulnDiscussion&gt;WebSphere does not provide direct audit of changes to the built-in file registry. The built-in file registry must not be used...
    Rule Medium Severity
  • SRG-APP-000149-AS-000102

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server multifactor authentication for network access to privileged accounts must be used.

    &lt;VulnDiscussion&gt;Multifactor authentication creates a layered defense and makes it more difficult for an unauthorized person to access the app...
    Rule Medium Severity
  • SRG-APP-000156-AS-000106

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must provide security extensions to extend the SOAP protocol and provide secure authentication when accessing sensitive data.

    &lt;VulnDiscussion&gt;Application servers may provide a web services capability that could be leveraged to allow remote access to sensitive applica...
    Rule Medium Severity
  • SRG-APP-000156-AS-000106

    <GroupDescription></GroupDescription>
    Group
  • The WebSphere Application Server must provide security extensions to extend the SOAP protocol and provide secure authentication when accessing sensitive data.

    &lt;VulnDiscussion&gt;Application servers may provide a web services capability that could be leveraged to allow remote access to sensitive applica...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules