Skip to content

III - Administrative Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000297

    <GroupDescription></GroupDescription>
    Group
  • The application must display an explicit logoff message to users indicating the reliable termination of authenticated communications sessions.

    &lt;VulnDiscussion&gt;If a user is not explicitly notified that their application session has been terminated, they cannot be certain that their se...
    Rule Low Severity
  • SRG-APP-000311

    <GroupDescription></GroupDescription>
    Group
  • The application must associate organization-defined types of security attributes having organization-defined security attribute values with information in storage.

    &lt;VulnDiscussion&gt;Without the association of security attributes to information, there is no basis for the application to make security related...
    Rule Medium Severity
  • SRG-APP-000313

    <GroupDescription></GroupDescription>
    Group
  • The application must associate organization-defined types of security attributes having organization-defined security attribute values with information in process.

    &lt;VulnDiscussion&gt;Without the association of security attributes to information, there is no basis for the application to make security related...
    Rule Medium Severity
  • SRG-APP-000314

    <GroupDescription></GroupDescription>
    Group
  • The application must associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission.

    &lt;VulnDiscussion&gt;Without the association of security attributes to information, there is no basis for the application to make security related...
    Rule Medium Severity
  • SRG-APP-000014

    <GroupDescription></GroupDescription>
    Group
  • The application must implement DoD-approved encryption to protect the confidentiality of remote access sessions.

    &lt;VulnDiscussion&gt;Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules