III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000359
<GroupDescription></GroupDescription>Group -
The application server must provide an immediate warning to the SA and ISSO, at a minimum, when allocated log record storage volume reaches 75% of maximum log record storage capacity.
<VulnDiscussion>It is critical for the appropriate personnel to be aware if a system is at risk of failing to process logs as required. Log ...Rule Medium Severity -
SRG-APP-000360
<GroupDescription></GroupDescription>Group -
The application server must provide an immediate real-time alert to authorized users of all log failure events requiring real-time alerts.
<VulnDiscussion>It is critical for the appropriate personnel to be aware if a system is at risk of failing to process logs as required. Log ...Rule Medium Severity -
SRG-APP-000371
<GroupDescription></GroupDescription>Group -
The application server must compare internal application server clocks at least every 24 hours with an authoritative time source.
<VulnDiscussion>Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysi...Rule Medium Severity -
SRG-APP-000372
<GroupDescription></GroupDescription>Group -
The application server must synchronize internal application server clocks to an authoritative time source when the time difference is greater than the organization-defined time period.
<VulnDiscussion>Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysi...Rule Medium Severity -
SRG-APP-000374
<GroupDescription></GroupDescription>Group -
The application server must record time stamps for log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).
<VulnDiscussion>If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analys...Rule Medium Severity -
SRG-APP-000375
<GroupDescription></GroupDescription>Group -
The application server must record time stamps for log records that meet a granularity of one second for a minimum degree of precision.
<VulnDiscussion>To investigate an incident, the log records should be easily put into chronological order. Without sufficient granularity of...Rule Medium Severity -
SRG-APP-000380
<GroupDescription></GroupDescription>Group -
The application server must enforce access restrictions associated with changes to application server configuration.
<VulnDiscussion>When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/...Rule Medium Severity -
SRG-APP-000381
<GroupDescription></GroupDescription>Group -
The application server must log the enforcement actions used to restrict access associated with changes to the application server.
<VulnDiscussion>Without logging the enforcement of access restrictions against changes to the application server configuration, it will be di...Rule Medium Severity -
SRG-APP-000389
<GroupDescription></GroupDescription>Group -
The application server must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.
<VulnDiscussion>Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When applica...Rule Medium Severity -
SRG-APP-000391
<GroupDescription></GroupDescription>Group -
The application server must accept Personal Identity Verification (PIV) credentials to access the management interface.
<VulnDiscussion>The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. PIV credentials are only...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.