I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516-WSR-000174
Group -
VAMI must disable client-initiated Transport Layer Security (TLS) renegotiation.
All versions of the Secure Sockets Layer (SSL) and TLS protocols (up to and including TLS 1.2) are vulnerable to a man-in-the-middle attack (CVE-2009-3555) during a renegotiation. This vulnerabilit...Rule Medium Severity -
SRG-APP-000266-WSR-000159
Group -
VAMI must be configured to hide the server type and version in client responses.
Web servers will often display error messages to client users, displaying enough information to aid in the debugging of the error. The information given back in error messages may display the web s...Rule Medium Severity -
SRG-APP-000179-WSR-000111
Group -
VAMI must enable FIPS mode.
Encryption is only as good as the encryption modules used. Unapproved cryptographic module algorithms cannot be verified and cannot be relied on to provide confidentiality or integrity, and DOD dat...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules