I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000092
Group -
The container platform must initiate session auditing upon startup.
When the container platform is started, container platform components and user services can also be started. It is important that the container platform begin auditing on startup in order to handle...Rule Medium Severity -
SRG-APP-000095
Group -
All audit records must identify what type of event has occurred within the container platform.
Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...Rule Medium Severity -
SRG-APP-000096
Group -
The container platform audit records must have a date and time association with all events.
Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...Rule Medium Severity -
SRG-APP-000097
Group -
All audit records must identify where in the container platform the event occurred.
Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...Rule Medium Severity -
SRG-APP-000098
Group -
All audit records must identify the source of the event within the container platform.
Audit data is important when there are issues, to include security incidents that must be investigated. Since the audit data may be part of a larger audit system, it is important for the audit data...Rule Medium Severity -
SRG-APP-000099
Group -
All audit records must generate the event results within the container platform.
Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...Rule Medium Severity -
SRG-APP-000100
Group -
All audit records must identify any users associated with the event within the container platform.
Without information that establishes the identity of the user associated with the events, security personnel cannot determine responsibility for the potentially harmful event.Rule Medium Severity -
SRG-APP-000100
Group -
All audit records must identify any containers associated with the event within the container platform.
Without information that establishes the identity of the containers offering user services or running on behalf of a user within the platform associated with audit events, security personnel cannot...Rule Medium Severity -
SRG-APP-000101
Group -
The container platform must generate audit records containing the full-text recording of privileged commands or the individual identities of group account users.
During an investigation of an incident, it is important to fully understand what took place. Often, information is not part of the audited event due to the data's nature, security risk, or audit lo...Rule Medium Severity -
SRG-APP-000111
Group -
The container platform components must provide the ability to send audit logs to a central enterprise repository for review and analysis.
The container platform components must send audit events to a central managed audit log repository to provide reporting, analysis, and alert notification. Incident response relies on successful tim...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.