Skip to content
Log In

I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000131-NDM-000243

    Group
    Show

  • The HYCU virtual appliance must prevent the installation of patches, service packs, or application components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.

    Changes to any software components can have significant effects on the overall security of the network device. Verifying software components have been digitally signed using a certificate that is r...
    Rule Medium Severity
    Show

  • SRG-APP-000457-NDM-000352

    Group
    Show

  • The HYCU virtual appliance must install security-relevant software updates within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

    Security flaws with software are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any con...
    Rule Medium Severity
    Show

  • SRG-APP-000190-NDM-000267

    Group
    Show

  • The HYCU virtual appliance must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.

    Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port th...
    Rule High Severity
    Show

  • SRG-APP-000224-NDM-000270

    Group
    Show

  • The HYCU virtual appliance must generate unique session identifiers using a FIPS 140-2 approved random number generator.

    Sequentially generated session IDs can be easily guessed by an attacker. Employing the concept of randomness in the generation of unique session identifiers helps to protect against brute-force att...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000350

    Group
    Show

  • The HYCU virtual appliance must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO).

    The aggregation of log data kept on a syslog server can be used to detect attacks and trigger an alert to the appropriate security personnel. The stored log data can used to detect weaknesses in se...
    Rule High Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules