Skip to content
Log In

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000149-AS-000102

    Group
    Show

  • Oracle WebLogic must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions.

    Nonlocal maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the Internet) or an internal network....
    Rule Medium Severity
    Show

  • SRG-APP-000295-AS-000263

    Group
    Show

  • Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity.

    If communications sessions remain open for extended periods of time even when unused, there is the potential for an adversary to hijack the session and use it to gain access to the device or netwo...
    Rule Low Severity
    Show

  • SRG-APP-000440-AS-000167

    Group
    Show

  • Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system.

    Without a trusted communication path, the application server is vulnerable to a man-in-the-middle attack. Application server user interfaces are used for management of the application server so th...
    Rule Medium Severity
    Show

  • SRG-APP-000516-AS-000237

    Group
    Show

  • Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data.

    Cryptography is only as strong as the encryption modules/algorithms employed to encrypt the data. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to ...
    Rule Medium Severity
    Show

  • SRG-APP-000435-AS-000069

    Group
    Show

  • Oracle WebLogic must protect the integrity and availability of publicly available information and applications.

    The purpose of this control is to ensure organizations explicitly address the protection needs for public information and applications, with such protection likely being implemented as part of oth...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules