III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-NET-000284-ALG-000073
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS, when transferring information between different security domains, must examine the information for the presence of organization-defined unsanctioned information.
<VulnDiscussion>Without the capability to examine information, there is no means to determine the presence of information not authorized for ...Rule Medium Severity -
SRG-NET-000285-ALG-000074
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must prohibit the transfer of unsanctioned information in accordance with the security policy when transferring information between different security domains.
<VulnDiscussion>The ability to prohibit information transfer is fundamentally necessary to prevent unintended and unauthorized data flows. Fa...Rule Medium Severity -
SRG-NET-000325-ALG-000075
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must uniquely identify and authenticate source by organization, system, application, and/or individual for information transfer.
<VulnDiscussion>Attribution is a critical component of a security concept of operations. The ability to identify source and destination point...Rule Medium Severity -
SRG-NET-000326-ALG-000076
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must uniquely identify and authenticate destination by organization, system, application, and/or individual for information transfer.
<VulnDiscussion>Attribution is a critical component of a security concept of operations. The ability to identify source and destination point...Rule Medium Severity -
SRG-NET-000327-ALG-000077
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must bind security attributes to information using organization-defined binding techniques to facilitate information flow policy enforcement.
<VulnDiscussion>If security attributes are not associated with the information being transmitted between systems, then access control policie...Rule Medium Severity -
SRG-NET-000328-ALG-000078
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS, when transferring information between different security domains, must apply the same security policy filtering to metadata as it applies to data payloads.
<VulnDiscussion>Subjecting metadata to the same filtering and inspection policies as payload data helps to mitigate the risk of data compromi...Rule Medium Severity -
SRG-NET-000029-ALG-000079
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must enforce dynamic traffic flow control based on organization-defined policies.
<VulnDiscussion>Information flow policies regarding dynamic information flow control include allowing or disallowing information flows based ...Rule Medium Severity -
SRG-NET-000280-ALG-000080
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must enforce information flow control based on organization-defined metadata.
<VulnDiscussion>Enforcing allowed information flows based on metadata enables simpler and more effective flow control. Metadata is informatio...Rule Medium Severity -
SRG-NET-000280-ALG-000081
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must block the transfer of data with malformed security attribute metadata structures.
<VulnDiscussion>Enforcing allowed information flows based on metadata enables simpler and more effective flow control. Metadata is informatio...Rule Medium Severity -
SRG-NET-000032-ALG-000082
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS must enforce organization-defined one-way information flows using hardware mechanisms.
<VulnDiscussion>Information flow control regulates where information is allowed to travel within a network and between interconnected network...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.