DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware

Audit Details

Name: DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.4

Estimated Item Count: 92

File Details

Filename: DISA_STIG_IBM_WebSphere_Traditional_9_v1r1_Middleware.audit

Size: 197 kB

MD5: dae147f2fb6654367f2dfdab703423ba
SHA256: 90ed46da546db31defe0e893b3cd85764adab5862e4e6e2c54736f46bfcb545d

Audit Items

DescriptionCategories
DISA_IBM_WebSphere_Traditional_9_v1r1_Middleware.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware
WBSP-AS-000010 - The WebSphere Application Server maximum in-memory session count must be set according to application requirements.

ACCESS CONTROL

WBSP-AS-000020 - The WebSphere Application Server admin console session timeout must be configured.

ACCESS CONTROL

WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled.

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000080 - WebSphere Application Server groups mapped to WebSphere auditor roles must be configured in accordance with security plan

ACCESS CONTROL

WBSP-AS-000090 - The WebSphere Application Server users WebSphere auditor role must be configured in accordance with System Security Plan.

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.

ACCESS CONTROL

WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - depth

ACCESS CONTROL

WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - enabled

ACCESS CONTROL

WBSP-AS-000130 - The WebSphere Application Server administrative security must be enabled.

ACCESS CONTROL

WBSP-AS-000140 - The WebSphere Application Server bus security must be enabled.

ACCESS CONTROL

WBSP-AS-000150 - The WebSphere Application Server users in a local user registry group must be authorized for that group.

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000160 - The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.

ACCESS CONTROL

WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000180 - The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security.

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000190 - The WebSphere Application Server security cookies must be set to HTTPOnly.

ACCESS CONTROL

WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled.

ACCESS CONTROL

WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.

ACCESS CONTROL

WBSP-AS-000220 - The WebSphere Application Server users in the admin role must be authorized.

ACCESS CONTROL, CONFIGURATION MANAGEMENT

WBSP-AS-000230 - The WebSphere Application Server LDAP groups must be authorized for the WebSphere role.

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000240 - The WebSphere Application Server users in a LDAP user registry group must be authorized for that group.

ACCESS CONTROL

WBSP-AS-000310 - The WebSphere Application Server management interface must display the Standard Mandatory DoD Notice and Consent Banner

ACCESS CONTROL

WBSP-AS-000320 - The WebSphere Application Server management interface must retain the Standard Mandatory DoD Notice and Consent Banner

ACCESS CONTROL

WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - err

AUDIT AND ACCOUNTABILITY

WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - out

AUDIT AND ACCOUNTABILITY

WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxFileSize

AUDIT AND ACCOUNTABILITY

WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - notification

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabled

AUDIT AND ACCOUNTABILITY

WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - enabled

AUDIT AND ACCOUNTABILITY

WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - notification

AUDIT AND ACCOUNTABILITY

WBSP-AS-000650 - The WebSphere Application Server audit subsystem failure action must be set to Log warning.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000660 - The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern).

AUDIT AND ACCOUNTABILITY

WBSP-AS-000670 - The WebSphere Application Server high availability applications must be configured to fail over in log subsystem failure.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000740 - The WebSphere Application Server must be configured to protect log information from any type of unauthorized read access.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000750 - The WebSphere Application Server must protect log information from unauthorized modification.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000760 - The WebSphere Application Server must protect log information from unauthorized deletion.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000770 - The WebSphere Application Server wsadmin file must be protected from unauthorized access.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000780 - The WebSphere Application Server wsadmin file must be protected from unauthorized modification.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000790 - The WebSphere Application Server wsadmin file must be protected from unauthorized deletion.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000810 - The WebSphere Application Server must be configured to encrypt log information.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000820 - The WebSphere Application Server must be configured to sign log information.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000910 - The WebSphere Application Server process must not be started from the command line with the -password option.

CONFIGURATION MANAGEMENT

WBSP-AS-000920 - The WebSphere Application Server files must be owned by the non-root WebSphere user ID.

CONFIGURATION MANAGEMENT

WBSP-AS-000930 - The WebSphere Application Server sample applications must be removed.

CONFIGURATION MANAGEMENT

WBSP-AS-000940 - The WebSphere Application Server must remove JREs left by web server and plug-in installers in the DMZ.

CONFIGURATION MANAGEMENT

WBSP-AS-000960 - The WebSphere Application Server must be run as a non-admin user.

CONFIGURATION MANAGEMENT