I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
- SRG-APP-000427-AS-000264 (Group)
  Rule: Certificates in the trust store must be issued/signed by an approved CA.
  Severity: Medium
  Discussion: Use of self-signed certificates creates a lack of integrity and invalidates the certificate based authentication trust model....
- SRG-APP-000435-AS-000069 (Group)
  Rule: The application server, when categorized as a high availability system within RMF, must be in a high-availability (HA) cluster.
  Severity: Medium
  Discussion: A MAC I system is a system that handles data vital to the organization's operational readiness or effectiveness of deployed o...
- SRG-APP-000435-AS-000163 (Group)
  Rule: Tomcat server must be patched for security vulnerabilities.
  Severity: Medium
  Discussion: Tomcat is constantly being updated to address newly discovered vulnerabilities, some of which include denial-of-service attac...
- SRG-APP-000495-AS-000220 (Group)
  Rule: AccessLogValve must be configured for Catalina engine.
  Severity: Medium
  Discussion: The <Engine> container represents the entire request processing machinery associated with a particular Catalina Service...
- SRG-APP-000504-AS-000229 (Group)
  Rule: Changes to $CATALINA_HOME/bin/ folder must be logged.
  Severity: Medium
  Discussion: The $CATALINA_HOME/bin folder contains startup and control scripts for the Tomcat Catalina server. To provide forensic eviden...