Skip to content
Log In

I - Mission Critical Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000267

    Group
    Show

  • The Tanium application must reveal error messages only to the information system security officer (ISSO), information system security manager (ISSM), and system administrator (SA).

    Only authorized personnel must be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the application. Additionally...
    Rule Medium Severity
    Show

  • SRG-APP-000357

    Group
    Show

  • The Tanium application must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.

    To ensure applications have a sufficient storage capacity in which to write the audit logs, applications must be able to allocate audit record storage capacity. The task of allocating audit recor...
    Rule Medium Severity
    Show

  • SRG-APP-000358

    Group
    Show

  • The Tanium application must offload audit records onto a different system or media than the system being audited.

    Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Offloading is a common process in information systems with limited audit storage capacity.
    Rule Medium Severity
    Show

  • SRG-APP-000359

    Group
    Show

  • The Tanium application must provide an immediate warning to the system administrator and information system security officer (at a minimum) when allocated audit record storage volume reaches 75% of repository maximum audit record storage capacity.

    If security personnel are not notified immediately upon storage volume utilization reaching 75%, they are unable to plan for storage capacity expansion.
    Rule Medium Severity
    Show

  • SRG-APP-000360

    Group
    Show

  • The Tanium application must provide an immediate real-time alert to the system administrator and information system security officer, at a minimum, of all audit failure events requiring real-time alerts.

    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impe...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules