I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000164
Group -
The Dragos Platform must configure local password policies.
The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. Password complexity, or strength, is a measure of the effectivene...Rule Medium Severity -
SRG-APP-000231
Group -
Dragos must use FIPS-validated encryption and hashing algorithms to protect the confidentiality and integrity of application configuration files and user-generated data stored or aggregated on the device.
Confidentiality and integrity protections are intended to address the confidentiality and integrity of system information at rest (e.g., network device rule sets) when it is located on a storage de...Rule Medium Severity -
SRG-APP-000291
Group -
The Dragos Platform must notify system administrators and information system security officer (ISSO) of local account activity.
Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply ...Rule Medium Severity -
SRG-APP-000357
Group -
Dragos Platform must allocate audit record storage retention length.
In order to ensure applications have a sufficient storage capacity in which to write the audit logs, applications need to be able to allocate audit record storage capacity. The task of allocating ...Rule Medium Severity -
SRG-APP-000383
Group -
The Syslog client must use TCP connections.
Removal of unneeded or nonsecure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of th...Rule Medium Severity -
SRG-APP-000402
Group -
Dragos Platform must accept the DOD CAC or other PKI credential for identity management and personal authentication.
The use of Personal Identity Verification (PIV) credentials facilitates standardization and reduces the risk of unauthorized access. PIV credentials are those credentials issued by federal agencie...Rule Medium Severity -
SRG-APP-000427
Group -
The Dragos Platform must only allow the use of DOD PKI established certificate authorities for verification of the establishment of protected sessions.
Untrusted Certificate Authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient secur...Rule Medium Severity -
SRG-APP-000471
Group -
The Dragos Platform must alert the information system security officer (ISSO), information system security manager (ISSM), and other individuals designated by the local organization when events are detected that indicate a compromise or potential for compromise.
When a security event occurs, Dragos Platform must immediately notify the appropriate support personnel so they can respond appropriately. Alerts may be generated from a variety of sources, includ...Rule Medium Severity -
SRG-APP-000570
Group -
Before establishing a network connection with a Network Time Protocol (NTP) server, Dragos Platform must authenticate using a bidirectional, cryptographically based authentication method that uses a FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to authenticate with the NTP server.
Without device-to-device authentication, communications with malicious devices may be established. Bidirectional authentication provides stronger safeguards to validate the identity of other device...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.