Skip to content
Log In

II - Mission Support Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000315-WSR-000004

    Group
    Show

  • The Apache web server must restrict inbound connections from nonsecure zones.

    Remote access to the Apache web server is any access that communicates through an external, non-organization-controlled network. Remote access can be used to access hosted applications or to perfor...
    Rule Medium Severity
    Show

  • SRG-APP-000340-WSR-000029

    Group
    Show

  • Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.

    By separating Apache web server security functions from non-privileged users, roles can be developed that can then be used to administer the Apache web server. Forcing users to change from a non-pr...
    Rule Medium Severity
    Show

  • SRG-APP-000380-WSR-000072

    Group
    Show

  • The Apache web server application, libraries, and configuration files must only be accessible to privileged users.

    The Apache web server can be modified through parameter modification, patch installation, upgrades to the Apache web server or modules, and security parameter changes. With each of these changes, t...
    Rule Medium Severity
    Show

  • SRG-APP-000427-WSR-000186

    Group
    Show

  • The Apache web server must only accept client certificates issued by DOD PKI or DoD-approved PKI Certification Authorities (CAs).

    Non-DOD approved PKIs have not been evaluated to ensure that they have security controls and identity vetting procedures in place that are sufficient for DOD systems to rely on the identity asserte...
    Rule Medium Severity
    Show

  • SRG-APP-000439-WSR-000153

    Group
    Show

  • The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.

    A cookie is used when a web server needs to share data with the client's browser. The data is often used to remember the client when the client returns to the hosted application at a later date. A ...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules