Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000125-NDM-000241

    <GroupDescription></GroupDescription>
    Group
  • The DBN-6300 must back up audit records at least every seven days onto a different system or system component than the system or component being audited.

    &lt;VulnDiscussion&gt;Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to ...
    Rule Low Severity
  • SRG-APP-000148-NDM-000346

    <GroupDescription></GroupDescription>
    Group
  • The DBN-6300 must uniquely identify and authenticate organizational administrators (or processes acting on behalf of organizational administrators).

    &lt;VulnDiscussion&gt;To ensure accountability and prevent unauthenticated access, organizational administrators must be uniquely identified and au...
    Rule High Severity
  • SRG-APP-000149-NDM-000247

    <GroupDescription></GroupDescription>
    Group
  • The DBN-6300 must use multifactor authentication for network access (remote and nonlocal) to privileged accounts.

    &lt;VulnDiscussion&gt;Multifactor authentication requires using two or more factors to achieve authentication. Factors include: (i) something a u...
    Rule Medium Severity
  • SRG-APP-000151-NDM-000248

    <GroupDescription></GroupDescription>
    Group
  • The DBN-6300 must use multifactor authentication for local access to privileged accounts.

    &lt;VulnDiscussion&gt;Multifactor authentication is defined as using two or more factors to achieve authentication. Factors include: (i) Somethin...
    Rule Medium Severity
  • SRG-APP-000156-NDM-000250

    <GroupDescription></GroupDescription>
    Group
  • The DBN-6300 must implement replay-resistant authentication mechanisms for network access to privileged accounts.

    &lt;VulnDiscussion&gt;A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authen...
    Rule Medium Severity
  • SRG-APP-000164-NDM-000252

    <GroupDescription></GroupDescription>
    Group
  • The DBN-6300 must enforce a minimum 15-character password length.

    &lt;VulnDiscussion&gt;Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute...
    Rule Medium Severity
  • SRG-APP-000165-NDM-000253

    <GroupDescription></GroupDescription>
    Group
  • The DBN-6300 must prohibit password reuse for a minimum of five generations.

    &lt;VulnDiscussion&gt;Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute...
    Rule Medium Severity
  • SRG-APP-000166-NDM-000254

    <GroupDescription></GroupDescription>
    Group
  • If multifactor authentication is not supported and passwords must be used, the DBN-6300 must enforce password complexity by requiring that at least one upper-case character be used.

    &lt;VulnDiscussion&gt;Use of a complex passwords helps to increase the time and resources required to compromise the password. Password complexity,...
    Rule Medium Severity
  • SRG-APP-000167-NDM-000255

    <GroupDescription></GroupDescription>
    Group
  • If multifactor authentication is not supported and passwords must be used, the DBN-6300 must enforce password complexity by requiring that at least one lower-case character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule Medium Severity
  • SRG-APP-000168-NDM-000256

    <GroupDescription></GroupDescription>
    Group
  • If multifactor authentication is not supported and passwords must be used, the DBN-6300 must enforce password complexity by requiring that at least one numeric character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules