II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000175-AS-000124
Group -
DOD root CA certificates must be installed in Tomcat trust store.
Tomcat truststores are used to validate client certificates. On the Ubuntu OS, by default, Tomcat uses the "cacerts" file as the CA trust store. The file is located in the /etc/ssl/certs/java/ fold...Rule Medium Severity -
SRG-APP-000176-AS-000125
Group -
Keystore file must be protected.
Keystore file contains authentication information used to access application data and data resources. Access to the file must be protected. The default location is in the .keystore file stored in ...Rule Medium Severity -
SRG-APP-000179-AS-000129
Group -
Tomcat must use FIPS-validated ciphers on secured connectors.
Connectors are how Tomcat receives requests over a network port, passes them to hosted web applications via HTTP or AJP, and then sends the results back to the requestor. Cryptographic ciphers are ...Rule High Severity -
SRG-APP-000211-AS-000146
Group -
Access to JMX management interface must be restricted.
Java Management Extensions (JMX) is used to provide programmatic access to Tomcat for management purposes. This includes monitoring and control of java applications running on Tomcat. If network ac...Rule Medium Severity -
SRG-APP-000211-AS-000146
Group -
Access to Tomcat manager application must be restricted.
The Tomcat manager application is used to manage the Tomcat server and the applications that run on Tomcat. By default, the manager application is only accessible via the localhost. Exposing the ma...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules