Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000439-WSR-000188

    <GroupDescription></GroupDescription>
    Group
  • The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information.

    &lt;VulnDiscussion&gt;During the initial setup of a Transport Layer Security (TLS) connection to the Apache web server, the client sends a list of ...
    Rule Medium Severity
  • SRG-APP-000456-WSR-000187

    <GroupDescription></GroupDescription>
    Group
  • The Apache web server must install security-relevant software updates within the configured time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

    &lt;VulnDiscussion&gt;Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products t...
    Rule Medium Severity
  • SRG-APP-000516-WSR-000079

    <GroupDescription></GroupDescription>
    Group
  • The account used to run the Apache web server must not have a valid login shell and password defined.

    &lt;VulnDiscussion&gt;During installation of the Apache web server software, accounts are created for the Apache web server to operate properly. Th...
    Rule High Severity
  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

    &lt;VulnDiscussion&gt;Configuring the Apache web server to implement organization-wide security implementation guides and security checklists guara...
    Rule Low Severity
  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • The Apache web server software must be a vendor-supported version.

    &lt;VulnDiscussion&gt;Many vulnerabilities are associated with olderĀ versions of web server software. As hot fixes and patches are issued, these so...
    Rule High Severity
  • SRG-APP-000516-WSR-000174

    <GroupDescription></GroupDescription>
    Group
  • The Apache web server htpasswd files (if present) must reflect proper ownership and permissions.

    &lt;VulnDiscussion&gt;In addition to OS restrictions, access rights to files and directories can be set on a website using the web server software....
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules