I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000068-CTR-000120
<GroupDescription></GroupDescription>Group -
OpenShift must display the Standard Mandatory DOD Notice and Consent Banner before granting access to platform components.
<VulnDiscussion>OpenShift has countless components where different access levels are needed. To control access, the user must first log into ...Rule Low Severity -
SRG-APP-000089-CTR-000150
<GroupDescription></GroupDescription>Group -
OpenShift must generate audit records for all DOD-defined auditable events within all components in the platform.
<VulnDiscussion>The OpenShift Platform supports three audit levels: Default, WriteRequestBodies, and AllRequestBodies. The identities of the ...Rule Medium Severity -
SRG-APP-000091-CTR-000160
<GroupDescription></GroupDescription>Group -
OpenShift must generate audit records when successful/unsuccessful attempts to access privileges occur.
<VulnDiscussion>OpenShift and its components must generate audit records successful/unsuccessful attempts to access or delete security object...Rule Medium Severity -
SRG-APP-000092-CTR-000165
<GroupDescription></GroupDescription>Group -
Red Hat Enterprise Linux CoreOS (RHCOS) must initiate session audits at system startup.
<VulnDiscussion>Initiating session audits at system startup allows for comprehensive monitoring of user activities and system events from the...Rule High Severity -
SRG-APP-000095-CTR-000170
<GroupDescription></GroupDescription>Group -
All audit records must identify what type of event has occurred within OpenShift.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000096-CTR-000175
<GroupDescription></GroupDescription>Group -
OpenShift audit records must have a date and time association with all events.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...Rule Medium Severity -
SRG-APP-000099-CTR-000190
<GroupDescription></GroupDescription>Group -
All audit records must generate the event results within OpenShift.
<VulnDiscussion>Within the container platform, audit data can be generated from any of the deployed container platform components. Since the ...Rule Medium Severity -
SRG-APP-000109-CTR-000215
<GroupDescription></GroupDescription>Group -
OpenShift must take appropriate action upon an audit failure.
<VulnDiscussion>It is critical that when the container platform is at risk of failing to process audit logs as required that it takes action ...Rule Medium Severity -
SRG-APP-000111-CTR-000220
<GroupDescription></GroupDescription>Group -
OpenShift components must provide the ability to send audit logs to a central enterprise repository for review and analysis.
<VulnDiscussion>Sending audit logs to a central enterprise repository allows for centralized log management. Instead of scattered logs across...Rule Medium Severity -
SRG-APP-000116-CTR-000235
<GroupDescription></GroupDescription>Group -
OpenShift must use internal system clocks to generate audit record time stamps.
<VulnDiscussion>Knowing when a sequence of events for an incident occurred is crucial to understand what may have taken place. Without a comm...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.