III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.
The Apache web server has several remote communications channels. Examples are user requests via http/https, communication to a backend database, and communication to authenticate users. The encryp...Rule Medium Severity -
SRG-APP-000516-WSR-000174
Group -
System logging must be enabled.
The server error logs are invaluable because they can also be used to identify potential problems and enable proactive remediation. Log data can reveal anomalous behavior such as "not found" or "un...Rule Medium Severity -
SRG-APP-000089-WSR-000047
Group -
The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.
Log records can be generated from various components within the Apache web server (e.g., httpd, plug-ins to external backends, etc.). From a web server perspective, certain specific Apache web serv...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules