Skip to content
Log In

II - Mission Support Classified

Rules and Groups employed by this XCCDF Profile

  • Rancher RKE2 components must be configured in accordance with the security configuration settings based on DOD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs.

    Once an attacker establishes access to a system, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to modify an exi...
    Rule Medium Severity
    Show

  • SRG-APP-000033-CTR-000090

    Group
    Show

  • The Kubernetes Controller Manager must have secure binding.

    Limiting the number of attack vectors and implementing authentication and encryption on the endpoints available to external sources is paramount when securing the overall Kubernetes cluster. The Co...
    Rule Medium Severity
    Show

  • SRG-APP-000033-CTR-000090

    Group
    Show

  • The Kubernetes Kubelet must have anonymous authentication disabled.

    RKE2 registry is used to store images and is the keeper of truth for trusted images within the platform. To guarantee the images' integrity, access to the registry must be limited to those individu...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules