Skip to content

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000098-WSR-000059

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a SSL log format defined for log records that allow the establishment of the source of events.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000098-WSR-000059

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a log file defined for each site/virtual host to capture logs generated that allow the establishment of the source of events.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000098-WSR-000060

    <GroupDescription></GroupDescription>
    Group
  • OHS, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000098-WSR-000060

    <GroupDescription></GroupDescription>
    Group
  • OHS, behind a load balancer or proxy server, must have the SSL log format set correctly to produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000098-WSR-000060

    <GroupDescription></GroupDescription>
    Group
  • OHS, behind a load balancer or proxy server, must have a log file defined for each site/virtual host to produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000099-WSR-000061

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a log format defined to produce log records that contain sufficient information to establish the outcome (success or failure) of events.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000099-WSR-000061

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a SSL log format defined to produce log records that contain sufficient information to establish the outcome (success or failure) of events.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000099-WSR-000061

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a log file defined for each site/virtual host to produce log records that contain sufficient information to establish the outcome (success or failure) of events.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000100-WSR-000064

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a log format defined to produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000100-WSR-000064

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a SSL log format defined to produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000100-WSR-000064

    <GroupDescription></GroupDescription>
    Group
  • OHS must have a log file defined for each site/virtual host to produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event.

    &lt;VulnDiscussion&gt;Web server logging capability is critical for accurate forensic analysis. Without sufficient and accurate information, a corr...
    Rule Medium Severity
  • SRG-APP-000118-WSR-000068

    <GroupDescription></GroupDescription>
    Group
  • OHS log files must only be accessible by privileged users.

    &lt;VulnDiscussion&gt;Log data is essential in the investigation of events. If log data were to become compromised, then competent forensic analysi...
    Rule Medium Severity
  • SRG-APP-000119-WSR-000069

    <GroupDescription></GroupDescription>
    Group
  • The log information from OHS must be protected from unauthorized modification.

    &lt;VulnDiscussion&gt;Log data is essential in the investigation of events. The accuracy of the information is always pertinent. Information that i...
    Rule Medium Severity
  • SRG-APP-000120-WSR-000070

    <GroupDescription></GroupDescription>
    Group
  • The log information from OHS must be protected from unauthorized deletion.

    &lt;VulnDiscussion&gt;Log data is essential in the investigation of events. The accuracy of the information is always pertinent. Information that i...
    Rule Medium Severity
  • SRG-APP-000125-WSR-000071

    <GroupDescription></GroupDescription>
    Group
  • The log data and records from OHS must be backed up onto a different system or media.

    &lt;VulnDiscussion&gt;Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up log records to an unrelated...
    Rule Medium Severity
  • SRG-APP-000358-WSR-000163

    <GroupDescription></GroupDescription>
    Group
  • OHS must be configured to store error log files to an appropriate storage device from which other tools can be configured to reference those log files for diagnostic/forensic purposes.

    &lt;VulnDiscussion&gt;A web server will typically utilize logging mechanisms for maintaining a historical log of activity that occurs within a host...
    Rule Medium Severity
  • SRG-APP-000358-WSR-000163

    <GroupDescription></GroupDescription>
    Group
  • OHS must be configured to store access log files to an appropriate storage device from which other tools can be configured to reference those log files for diagnostic/forensic purposes.

    &lt;VulnDiscussion&gt;A web server will typically utilize logging mechanisms for maintaining a historical log of activity that occurs within a host...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule file_cache_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule vhost_alias_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule env_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule mime_magic_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule negotiation_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must not have the LanguagePriority directive enabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must not have the ForceLanguagePriority directive enabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Low Severity
  • SRG-APP-000141-WSR-000075

    <GroupDescription></GroupDescription>
    Group
  • OHS must have the LoadModule status_module directive disabled.

    &lt;VulnDiscussion&gt;A web server can provide many features, services, and processes. Some of these may be deemed unnecessary or too unsecure to r...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules