II - Mission Support Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000095
<GroupDescription></GroupDescription>Group -
All audit records must identify what type of event has occurred within the container platform.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000096
<GroupDescription></GroupDescription>Group -
The container platform audit records must have a date and time association with all events.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000097
<GroupDescription></GroupDescription>Group -
All audit records must identify where in the container platform the event occurred.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000098
<GroupDescription></GroupDescription>Group -
All audit records must identify the source of the event within the container platform.
<VulnDiscussion>Audit data is important when there are issues, to include security incidents that must be investigated. Since the audit data ...Rule Medium Severity -
SRG-APP-000099
<GroupDescription></GroupDescription>Group -
All audit records must generate the event results within the container platform.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000100
<GroupDescription></GroupDescription>Group -
All audit records must identify any users associated with the event within the container platform.
<VulnDiscussion>Without information that establishes the identity of the user associated with the events, security personnel cannot determine...Rule Medium Severity -
SRG-APP-000100
<GroupDescription></GroupDescription>Group -
All audit records must identify any containers associated with the event within the container platform.
<VulnDiscussion>Without information that establishes the identity of the containers offering user services or running on behalf of a user wit...Rule Medium Severity -
SRG-APP-000101
<GroupDescription></GroupDescription>Group -
The container platform must generate audit records containing the full-text recording of privileged commands or the individual identities of group account users.
<VulnDiscussion>During an investigation of an incident, it is important to fully understand what took place. Often, information is not part o...Rule Medium Severity -
SRG-APP-000109
<GroupDescription></GroupDescription>Group -
The container platform must take appropriate action upon an audit failure.
<VulnDiscussion>It is critical that when the container platform is at risk of failing to process audit logs as required that it take action t...Rule Medium Severity -
SRG-APP-000111
<GroupDescription></GroupDescription>Group -
The container platform components must provide the ability to send audit logs to a central enterprise repository for review and analysis.
<VulnDiscussion>The container platform components must send audit events to a central managed audit log repository to provide reporting, anal...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.