II - Mission Support Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516-WSR-000174
Group -
A private OHS installation must be located on a separate controlled access subnet.
Private web servers, which host sites that serve controlled access data, must be protected from outside threats in addition to insider threats. Insider threat may be accidental or intentional but, ...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
The version of the OHS installation must be vendor-supported.
Many vulnerabilities are associated with older versions of software. As hot fixes and patches are issued, these solutions are included in the next version of the server software. Maintaining OHS ...Rule High Severity -
SRG-APP-000516-WSR-000174
Group -
OHS must be certified with accompanying Fusion Middleware products.
OHS is capable of being used with other Oracle products. For the products to work properly and not introduce vulnerabilities or errors, Oracle certifies which versions work with each other. Insis...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
OHS tools must be restricted to the web manager and the web managers designees.
All automated information systems are at risk of data loss due to disaster or compromise. Failure to provide adequate protection to the administration tools creates risk of potential theft or damag...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
All utility programs, not necessary for operations, must be removed or disabled.
Just as running unneeded services and protocols is a danger to the web server at the lower levels of the OSI model, running unneeded utilities and programs is also a danger at the application layer...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.