Skip to content
Log In

I - Mission Critical Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000320

    Group
    Show

  • The container platform must notify the system administrator (SA) and information system security officer (ISSO) of account enabling actions.

    Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply ...
    Rule Medium Severity
    Show

  • SRG-APP-000340

    Group
    Show

  • The container platform must prevent non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

    Controlling what users can perform privileged functions prevents unauthorized users from performing tasks that may expose data or degrade the container platform. When users are not segregated into ...
    Rule Medium Severity
    Show

  • SRG-APP-000342

    Group
    Show

  • Container images instantiated by the container platform must execute using least privileges.

    Containers running within the container platform must execute as non-privileged. When a container can execute as a privileged container, the privileged container is also a privileged user within th...
    Rule Medium Severity
    Show

  • SRG-APP-000343

    Group
    Show

  • The container platform must audit the execution of privileged functions.

    Privileged functions within the container platform can be component specific or can envelope the entire container platform. Because of the nature of the commands, it is important to understand what...
    Rule Medium Severity
    Show

  • SRG-APP-000345

    Group
    Show

  • The container platform must automatically lock an account until the locked account is released by an administrator when three unsuccessful login attempts in 15 minutes are exceeded.

    By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the a...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules