I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000119-AS-000079
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must protect log information from unauthorized modification.
<VulnDiscussion>If log data were to become compromised, then competent forensic analysis and discovery of the true source of potentially mali...Rule Medium Severity -
SRG-APP-000120-AS-000080
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must protect log information from unauthorized deletion.
<VulnDiscussion>If log data were to become compromised, then competent forensic analysis and discovery of the true source of potentially mali...Rule Medium Severity -
SRG-APP-000142-AS-000014
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) platform must be protected by a DOD-approved firewall.
<VulnDiscussion>Most information systems are capable of providing a wide variety of functions and services. Some of the functions and service...Rule Medium Severity -
SRG-APP-000142-AS-000014
<GroupDescription></GroupDescription>Group -
The firewall protecting the BEMS must be configured to restrict all network traffic to and from all addresses with the exception of ports, protocols, and IP address ranges required to support BEMS functions.
<VulnDiscussion>Most information systems are capable of providing a wide variety of functions and services. Some of the functions and service...Rule Medium Severity -
SRG-APP-000142-AS-000014
<GroupDescription></GroupDescription>Group -
The firewall protecting the BlackBerry Enterprise Mobility Server (BEMS) must be configured so that only DOD-approved ports, protocols, and services are enabled.
<VulnDiscussion>All ports, protocols, and services used on DOD networks must be approved and registered via the DOD PPSM process. This is to ...Rule Medium Severity -
SRG-APP-000439-AS-000155
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must protect the confidentiality and integrity of transmitted information through the use of an approved TLS version.
<VulnDiscussion>Preventing the disclosure of transmitted information requires that the application server take measures to employ some form o...Rule Medium Severity -
SRG-APP-000439-AS-000274
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must remove all export ciphers to protect the confidentiality and integrity of transmitted information.
<VulnDiscussion>During the initial setup of a Transport Layer Security (TLS) connection to the application server, the client sends a list of...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must be configured to have at least one user in the following Administrator roles: Server primary administrator, auditor.
<VulnDiscussion>Having several administrative roles for the BEMS supports separation of duties. This allows administrator-level privileges to...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must be configured to use Windows Authentication for the database connection.
<VulnDiscussion>To ensure accountability and prevent unauthorized access, organizational users must be identified and authenticated. Organiza...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must be configured to use HTTPS.
<VulnDiscussion>Preventing the disclosure of transmitted information requires that applications take measures to employ some form of cryptogr...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.