Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • Active Directory implementation information must be added to the organization contingency plan where the Risk Management Framework categorization for Availability is moderate or high.

    <VulnDiscussion>When an incident occurs that requires multiple Active Directory (AD) domain controllers to be rebuilt, it is critical to unde...
    Rule Low Severity
  • SRG-OS-000480

    <GroupDescription></GroupDescription>
    Group
  • Active Directory must be supported by multiple domain controllers where the Risk Management Framework categorization for Availability is moderate or high.

    &lt;VulnDiscussion&gt;In Active Directory (AD) architecture, multiple domain controllers provide availability through redundancy. If an AD domain ...
    Rule Medium Severity
  • SRG-OS-000480

    <GroupDescription></GroupDescription>
    Group
  • The impact of CPCON changes on the cross-directory authentication configuration must be considered and procedures documented.

    &lt;VulnDiscussion&gt;When incidents occur that require a change in the Cyber Protection Conditions (CPCON) with the release of USSCI 5200-13 statu...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules