Skip to content

I - Mission Critical Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000294-NDM-000278

    <GroupDescription></GroupDescription>
    Group
  • Riverbed Optimization System (RiOS) must generate alerts that can be forwarded to the administrators and ISSO when accounts are removed.

    &lt;VulnDiscussion&gt;When application accounts are removed, administrator accessibility is affected. Accounts are utilized for identifying individ...
    Rule Low Severity
  • SRG-APP-000033-NDM-000212

    <GroupDescription></GroupDescription>
    Group
  • Riverbed Optimization System (RiOS) must enforce the assigned privilege level for each administrator and authorizations for access to all commands relative to the privilege level in accordance with applicable policy for the device.

    &lt;VulnDiscussion&gt;To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DoD-ap...
    Rule Medium Severity
  • SRG-APP-000343-NDM-000289

    <GroupDescription></GroupDescription>
    Group
  • Riverbed Optimization System (RiOS) must generate a log event when privileged functions are executed.

    &lt;VulnDiscussion&gt;Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external enti...
    Rule Low Severity
  • SRG-APP-000065-NDM-000214

    <GroupDescription></GroupDescription>
    Group
  • Riverbed Optimization System (RiOS) must enforce the limit of three (3) consecutive invalid logon attempts by a user during a 15-minute time period for device console access.

    &lt;VulnDiscussion&gt;By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise...
    Rule Medium Severity
  • SRG-APP-000065-NDM-000214

    <GroupDescription></GroupDescription>
    Group
  • Riverbed Optimization System (RiOS) must enforce the limit of three (3) consecutive invalid logon attempts by a user during a 15-minute time period for web-based management access.

    &lt;VulnDiscussion&gt;By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules