Skip to content

II - Mission Support Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000219

    <GroupDescription></GroupDescription>
    Group
  • Remoting Services HTTP channels must utilize authentication and encryption.

    &lt;VulnDiscussion&gt;Note: Microsoft recommends using the Windows Communication Framework (WCF) rather than using .Net remoting. New development p...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • .Net Framework versions installed on the system must be supported.

    &lt;VulnDiscussion&gt;Unsupported software introduces risks and violates DoD policy. Applications utilizing unsupported versions of .NET introduce...
    Rule Medium Severity
  • SRG-APP-000635

    <GroupDescription></GroupDescription>
    Group
  • The .NET CLR must be configured to use FIPS approved encryption modules.

    &lt;VulnDiscussion&gt;FIPS encryption is configured via .NET configuration files. There are numerous configuration files that affect different asp...
    Rule Medium Severity
  • SRG-APP-000175

    <GroupDescription></GroupDescription>
    Group
  • .NET must be configured to validate strong names on full-trust assemblies.

    &lt;VulnDiscussion&gt;The "bypassTrustedAppStrongNames" setting specifies whether the bypass feature that avoids validating strong names for full-t...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance.

    &lt;VulnDiscussion&gt;CAS policy is .NET runtime version-specific. In .NET Framework version 4, CAS policy is disabled by default however; it can ...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules