Skip to content

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • The Infrastructure as a Service (IaaS)/Platform as a Service (PaaS) must be configured to maintain separation of all management and data traffic.

    <VulnDiscussion>The Virtual Datacenter Management system provides a management plane for privileged access and communications. Separation of ...
    Rule Medium Severity
  • SRG-NET-000383

    <GroupDescription></GroupDescription>
    Group
  • For Infrastructure as a Service (IaaS)/Platform as a Service (PaaS), the Mission Owner must configure an intrusion detection and prevention system (IDPS) to protect DOD virtual machines (VMs), services, and applications.

    &lt;VulnDiscussion&gt;Network environments and applications installed using an IaaS/PaaS cloud service offering where the Mission Owner has control...
    Rule High Severity
  • SRG-NET-000390

    <GroupDescription></GroupDescription>
    Group
  • The Mission Owner of the Infrastructure as a Service (IaaS) or Platform as a Service (PaaS) must continuously monitor and protect inbound communications from external systems, other IaaS within the same cloud service environment, or collocated mission applications for unusual or unauthorized activities or conditions.

    &lt;VulnDiscussion&gt;Evidence of malicious code is used to identify potentially compromised information systems or information system components. ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules