Skip to content
Log In

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000457-NDM-000352

    Group
    Show

  • The application must install security-relevant firmware updates within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

    Security flaws with firmware are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any con...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000334

    Group
    Show

  • The Dell OS10 Switch must generate log records for a locally developed list of auditable events.

    Auditing and logging are key components of any security architecture. Logging the actions of specific events provides a means to investigate an attack; to recognize resource usage or capacity thres...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000335

    Group
    Show

  • The Dell OS10 Switch must enforce access restrictions associated with changes to the system components.

    Changes to the hardware or software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000344

    Group
    Show

  • The Dell OS10 Switch must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

    For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000350

    Group
    Show

  • The Dell OS10 Switch must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO).

    The aggregation of log data kept on a syslog server can be used to detect attacks and trigger an alert to the appropriate security personnel. The stored log data can used to detect weaknesses in se...
    Rule High Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules