II - Mission Support Sensitive
Rules and Groups employed by this XCCDF Profile
-
Tomcat users in a management role must be approved by the ISSO.
Deploying applications to Tomcat requires a Tomcat user account that is in the "manager-script" role. Any user accounts in a Tomcat management role must be approved by the ISSO.Rule Medium Severity -
SRG-APP-000516-AS-000237
Group -
Hosted applications must be documented in the system security plan.
The ISSM/ISSO must be cognizant of all applications operating on the Tomcat server, and must address any security implications associated with the operation of the applications. If unknown/undocum...Rule Low Severity -
SRG-APP-000516-AS-000237
Group -
Connectors must be approved by the ISSO.
Connectors are how Tomcat receives requests over a network port, passes them to hosted web applications via HTTP or AJP and then sends back the results to the requestor. A port and a protocol are t...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules