Skip to content

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • The ESXi host SSH daemon must be configured with the DOD logon banner.

    <VulnDiscussion>The warning message reinforces policy awareness during the logon process and facilitates possible legal action against attack...
    Rule Medium Severity
  • SRG-OS-000033-VMM-000140

    <GroupDescription></GroupDescription>
    Group
  • The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.

    &lt;VulnDiscussion&gt;OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module that is enabled by default. For backward comp...
    Rule Medium Severity
  • SRG-OS-000107-VMM-000530

    <GroupDescription></GroupDescription>
    Group
  • The ESXi host Secure Shell (SSH) daemon must ignore ".rhosts" files.

    &lt;VulnDiscussion&gt;SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules