DISA STIG VMware vSphere 6.7 Photon OS v1r3

Audit Details

Name: DISA STIG VMware vSphere 6.7 Photon OS v1r3

Updated: 6/10/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.0

Estimated Item Count: 202

File Details

Filename: DISA_STIG_VMware_vSphere_6.7_Photon_OS_v1r3.audit

Size: 319 kB

MD5: 2fdc455d0e244955e1fd1453f20e3103
SHA256: f883a5c9b8ad5204426de2583f8846a5744cf3b7c8a9c899132f42854c35f011

Audit Items

Description / Categories
DISA_STIG_VMware_vSphere_6.7_Photon_OS_v1r3.audit from DISA VMware vSphere 6.7 Photon OS v1r3 STIG
PHTN-67-000001 - The Photon operating system must audit all account creations - groupadd

ACCESS CONTROL

PHTN-67-000001 - The Photon operating system must audit all account creations - useradd

ACCESS CONTROL

PHTN-67-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur.

ACCESS CONTROL

PHTN-67-000003 - The Photon operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting SSH access - content

ACCESS CONTROL

PHTN-67-000003 - The Photon operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting SSH access - ssh

ACCESS CONTROL

PHTN-67-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types.

ACCESS CONTROL

PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - duration

ACCESS CONTROL, MAINTENANCE

PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - export

ACCESS CONTROL, MAINTENANCE

PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - mesg

ACCESS CONTROL, MAINTENANCE

PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - readonly

ACCESS CONTROL, MAINTENANCE

PHTN-67-000006 - The Photon operating system must have the sshd SyslogFacility set to 'authpriv' - authpriv.

ACCESS CONTROL

PHTN-67-000007 - The Photon operating system must have sshd authentication logging enabled.

ACCESS CONTROL

PHTN-67-000008 - The Photon operating system must have the sshd LogLevel set to 'INFO' - INFO.

ACCESS CONTROL

PHTN-67-000009 - The Photon operating system must configure sshd to use approved encryption algorithms.

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-67-000010 - The Photon operating system must configure auditd to log to disk.

AUDIT AND ACCOUNTABILITY

PHTN-67-000011 - The Photon operating system must configure auditd to use the correct log format.

AUDIT AND ACCOUNTABILITY

PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - gid 32

AUDIT AND ACCOUNTABILITY, MAINTENANCE

PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - gid 64

AUDIT AND ACCOUNTABILITY, MAINTENANCE

PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - uid 32

AUDIT AND ACCOUNTABILITY, MAINTENANCE

PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - uid 64

AUDIT AND ACCOUNTABILITY, MAINTENANCE

PHTN-67-000013 - The Photon operating system audit log must log space limit problems to syslog.

AUDIT AND ACCOUNTABILITY

PHTN-67-000014 - The Photon operating system audit log must attempt to log audit failures to syslog - admin_space_left_action

AUDIT AND ACCOUNTABILITY

PHTN-67-000014 - The Photon operating system audit log must attempt to log audit failures to syslog - disk_error_action

AUDIT AND ACCOUNTABILITY

PHTN-67-000014 - The Photon operating system audit log must attempt to log audit failures to syslog - disk_full_action

AUDIT AND ACCOUNTABILITY

PHTN-67-000015 - The Photon operating system audit log must have correct permissions.

AUDIT AND ACCOUNTABILITY

PHTN-67-000016 - The Photon operating system audit log must be owned by root.

AUDIT AND ACCOUNTABILITY

PHTN-67-000017 - The Photon operating system audit log must be group-owned by root.

AUDIT AND ACCOUNTABILITY

PHTN-67-000018 - The Photon operating system must have the auditd service running.

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

PHTN-67-000019 - The Photon operating system must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.

AUDIT AND ACCOUNTABILITY

PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 32

AUDIT AND ACCOUNTABILITY

PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 64

AUDIT AND ACCOUNTABILITY

PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - uid 32

AUDIT AND ACCOUNTABILITY

PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - uid 64

AUDIT AND ACCOUNTABILITY

PHTN-67-000021 - The Photon operating system must enforce password complexity by requiring that at least one uppercase character be used.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000022 - The Photon operating system must enforce password complexity by requiring that at least one lowercase character be used.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000023 - The Photon operating system must enforce password complexity by requiring that at least one numeric character be used.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000024 - The Photon operating system must require that new passwords are at least four characters different from the old password.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000025 - The Photon operating system must store only encrypted representations of passwords.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000026 - The Photon operating system must store only encrypted representations of passwords.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000027 - The Photon operating system must be configured so that passwords for new users are restricted to a 24-hour minimum lifetime.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000028 - The Photon operating system must be configured so that passwords for new users are restricted to a 90-day maximum lifetime.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000029 - The Photon operating system must prohibit password reuse for a minimum of five generations.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000030 - The Photon operating system must ensure old passwords are being stored.

IDENTIFICATION AND AUTHENTICATION

PHTN-67-000031 - The Photon operating system must enforce a minimum eight-character password length.

IDENTIFICATION AND AUTHENTICATION
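The sshd items above (PHTN-67-000006, -000008, -000009) and the password-lifetime items (PHTN-67-000027, -000028) all reduce to reading a value out of a key/value configuration file, and the two files involved resolve duplicates differently: sshd takes the first occurrence of a keyword and matches keywords case-insensitively, while login.defs takes the last occurrence of a case-sensitive key. The POSIX shell script below is an added example, not the Tenable .audit logic and not DISA's check text; it checks those five items against constructed sample files so it runs offline. The file locations (/etc/ssh/sshd_config, /etc/login.defs) and the cipher allow-list are assumptions made for illustration; use the cipher list from the STIG you are actually auditing against.

```shell
#!/bin/sh
# Added illustrative check for PHTN-67-000006/-000008/-000009 (sshd_config) and
# PHTN-67-000027/-000028 (login.defs). Not the Tenable .audit logic and not the
# STIG's own check text. Assumptions: the files live at /etc/ssh/sshd_config and
# /etc/login.defs, and the cipher allow-list below is illustrative only.

is_uint() { case "$1" in '' | *[!0-9]*) return 1 ;; *) return 0 ;; esac; }

# sshd_value FILE KEY: value of KEY as sshd resolves it for the global scope.
# Keywords are case-insensitive, the FIRST occurrence wins, and everything after
# the first "Match" block is conditional, so the scan stops there (simplification).
sshd_value() {
    awk -v k="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[[:space:]]*#/ || NF < 2 { next }
        tolower($1) == "match"     { exit }
        tolower($1) == k           { print $2; exit }
    ' "$1"
}

# logindefs_value FILE KEY: login.defs keys are case-sensitive and a later line
# overrides an earlier one, so the LAST occurrence wins.
logindefs_value() {
    awk -v k="$2" '
        /^[[:space:]]*#/ || NF < 2 { next }
        $1 == k { v = $2 }
        END { print v }
    ' "$1"
}

check_syslog_facility() {   # PHTN-67-000006: SyslogFacility must be authpriv
    [ "$(sshd_value "$1" SyslogFacility | tr 'A-Z' 'a-z')" = "authpriv" ]
}

check_loglevel() {          # PHTN-67-000008: LogLevel must be INFO
    [ "$(sshd_value "$1" LogLevel | tr 'A-Z' 'a-z')" = "info" ]
}

# PHTN-67-000009: every configured cipher must be on the allow-list. An absent
# Ciphers line means sshd's compiled-in default set, which is treated as a fail.
ALLOWED_CIPHERS="aes256-gcm@openssh.com aes128-gcm@openssh.com aes256-ctr aes192-ctr aes128-ctr"  # assumed list
check_ciphers() {
    list=$(sshd_value "$1" Ciphers)
    [ -n "$list" ] || return 1
    for c in $(printf '%s' "$list" | tr ',' ' '); do
        case " $ALLOWED_CIPHERS " in
            *" $c "*) ;;
            *) return 1 ;;
        esac
    done
    return 0
}

check_pass_min_days() {     # PHTN-67-000027: at least a 24-hour (1 day) minimum lifetime
    v=$(logindefs_value "$1" PASS_MIN_DAYS)
    is_uint "$v" && [ "$v" -ge 1 ]
}

check_pass_max_days() {     # PHTN-67-000028: at most a 90-day maximum lifetime
    v=$(logindefs_value "$1" PASS_MAX_DAYS)
    is_uint "$v" && [ "$v" -ge 1 ] && [ "$v" -le 90 ]
}

# run_checks SSHD_CONFIG LOGIN_DEFS: print one verdict per item and return the
# number of failed items (paths must not contain whitespace; see set -- below).
run_checks() {
    sshd=$1; defs=$2; fails=0
    for spec in "000006 check_syslog_facility $sshd" \
                "000008 check_loglevel $sshd" \
                "000009 check_ciphers $sshd" \
                "000027 check_pass_min_days $defs" \
                "000028 check_pass_max_days $defs"; do
        set -- $spec
        if "$2" "$3"; then echo "PHTN-67-$1 PASS"; else echo "PHTN-67-$1 FAIL"; fails=$((fails + 1)); fi
    done
    return "$fails"
}

# Constructed sample files (not taken from any real host) so the script runs offline.
write_samples() {   # write_samples DIR
    printf '%s\n' '# compliant sample' 'SyslogFacility AUTHPRIV' 'LogLevel INFO' \
        'Ciphers aes256-gcm@openssh.com,aes256-ctr' 'Match User backup' '    LogLevel DEBUG' >"$1/sshd_config.good"
    printf '%s\n' 'SyslogFacility AUTH' 'LogLevel VERBOSE' 'Ciphers aes256-ctr,3des-cbc' >"$1/sshd_config.bad"
    printf '%s\n' 'PASS_MAX_DAYS   90' 'PASS_MIN_DAYS   1' >"$1/login.defs.good"
    printf '%s\n' 'PASS_MAX_DAYS   99999' 'PASS_MIN_DAYS   0' >"$1/login.defs.bad"
}

# Stand-alone demo; on a real host call: run_checks /etc/ssh/sshd_config /etc/login.defs
d=$(mktemp -d) && write_samples "$d"
echo "== compliant sample";     run_checks "$d/sshd_config.good" "$d/login.defs.good" || :
echo "== non-compliant sample"; run_checks "$d/sshd_config.bad"  "$d/login.defs.bad"  || :
rm -rf "$d"
```

The compliant sample deliberately carries a `Match User backup` block that sets `LogLevel DEBUG`; the check still passes because only the global `LogLevel INFO` counts, which is the behaviour a reviewer should expect from sshd and the reason a naive `grep -i loglevel` would give the wrong answer. Settings inside Match blocks need their own per-user evaluation and are out of scope for this example.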

PHTN-67-000032 - The Photon operating system must only allow installation of packages signed by VMware.

CONFIGURATION MANAGEMENT

PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - appletalk

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - bluetooth

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - cramfs

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - dccp

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION