III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000457-NDM-000352
Group -
The application must install security-relevant firmware updates within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
Security flaws with firmware are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any con...Rule Medium Severity -
SRG-APP-000516-NDM-000334
Group -
The Dell OS10 Switch must generate log records for a locally developed list of auditable events.
Auditing and logging are key components of any security architecture. Logging the actions of specific events provides a means to investigate an attack; to recognize resource usage or capacity thres...Rule Medium Severity -
SRG-APP-000516-NDM-000335
Group -
The Dell OS10 Switch must enforce access restrictions associated with changes to the system components.
Changes to the hardware or software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should...Rule Medium Severity -
SRG-APP-000516-NDM-000344
Group -
The Dell OS10 Switch must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure...Rule Medium Severity -
SRG-APP-000516-NDM-000350
Group -
The Dell OS10 Switch must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO).
The aggregation of log data kept on a syslog server can be used to detect attacks and trigger an alert to the appropriate security personnel. The stored log data can used to detect weaknesses in se...Rule High Severity -
SRG-APP-000516-NDM-000351
Group -
The Dell OS10 Switch must be running an operating system release that is currently supported by Dell.
Network devices running an unsupported operating system lack current security fixes required to mitigate the risks associated with recent vulnerabilities.Rule High Severity -
SRG-APP-000845-NDM-000220
Group -
The Dell OS10 Switch must not have any default manufacturer passwords when deployed.
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter pass...Rule Medium Severity -
SRG-APP-000516
Group -
The Dell OS10 Switch must be configured to use at least two authentication servers for the purpose of authenticating users prior to granting administrative access.
Centralized management of authentication settings increases the security of remote and nonlocal access methods. This control is particularly important protection against the insider threat. With ro...Rule High Severity -
SRG-APP-000920-NDM-000320
Group -
The Dell OS10 Switch must be configured to synchronize internal information system clocks using redundant authoritative time sources.
The loss of connectivity to a particular authoritative time source will result in the loss of time synchronization (free-run mode) and increasingly inaccurate time stamps on audit events and other ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.