Skip to content

I - Mission Critical Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000001-AS-000001

    <GroupDescription></GroupDescription>
    Group
  • Automation Controller must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.

    &lt;VulnDiscussion&gt;Application management includes the ability to control the number of sessions that utilize an application by all accounts and...
    Rule Medium Severity
  • SRG-APP-000014-AS-000009

    <GroupDescription></GroupDescription>
    Group
  • Automation Controller must use encryption strength in accordance with the categorization of the management data during remote access management sessions.

    &lt;VulnDiscussion&gt;Remote management access is accomplished by leveraging common communication protocols and establishing a remote connection to...
    Rule Medium Severity
  • SRG-APP-000015-AS-000010

    <GroupDescription></GroupDescription>
    Group
  • Automation Controller must implement cryptography mechanisms to protect the integrity of information.

    &lt;VulnDiscussion&gt;Encryption is critical for protection of remote access sessions. If encryption is not being used for integrity, malicious use...
    Rule High Severity
  • SRG-APP-000068-AS-000035

    <GroupDescription></GroupDescription>
    Group
  • The Automation Controller management interface must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.

    &lt;VulnDiscussion&gt;Automation Controller is required to display the Standard Mandatory DOD Notice and Consent Banner before granting access to t...
    Rule Medium Severity
  • SRG-APP-000080-AS-000045

    <GroupDescription></GroupDescription>
    Group
  • Automation Controller must use external log providers that can collect user activity logs in independent, protected repositories to prevent modification or repudiation.

    &lt;VulnDiscussion&gt;Automation Controller must be configured to use external logging to compile log records from multiple components within the s...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules