Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • The application must be decommissioned when maintenance or support is no longer available.

    &lt;VulnDiscussion&gt;Unsupported software products should not be used because fixes to newly identified bugs will not be implemented by the vendor...
    Rule High Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • Procedures must be in place to notify users when an application is decommissioned.

    &lt;VulnDiscussion&gt;When maintenance no longer exists for an application, there are no individuals responsible for making security updates. The a...
    Rule Low Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • Unnecessary built-in application accounts must be disabled.

    &lt;VulnDiscussion&gt;Default passwords and properties of built-in accounts are often publicly available. Anyone with necessary knowledge, internal...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • Default passwords must be changed.

    &lt;VulnDiscussion&gt;Default passwords can easily be compromised by attackers allowing immediate access to the applications.&lt;/VulnDiscussion&gt...
    Rule High Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • An Application Configuration Guide must be created and included with the application.

    &lt;VulnDiscussion&gt;The Application Configuration Guide is any document or collection of documents used to configure the application. These docu...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules