DISA STIG VMware vSphere 6.7 Virtual Machine v1r2

Audit Details

Name: DISA STIG VMware vSphere 6.7 Virtual Machine v1r2

Updated: 6/10/2022

Authority: DISA STIG

Plugin: VMware

Revision: 1.0

Estimated Item Count: 24

File Details

Filename: DISA_STIG_VMware_vSphere_6.7_Virtual_Machine_v1r2.audit

Size: 107 kB

MD5: a2b82bd5a9b8b4d1ee64fd65aeab17b1
SHA256: 7e9a98ce0c1cc09f5b8c0ed3ba2526565644567362c0a7217efedbbe4b9fd14b

Audit Items

DescriptionCategories
VMCH-67-000001 - Copy operations must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000002 - Drag and drop operations must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000003 - Paste operations must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000004 - Virtual disk shrinking must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000005 - Virtual disk erasure must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000006 - Independent, non-persistent disks must be not be used on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000007 - HGFS file transfers must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000008 - Unauthorized floppy devices must be disconnected on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000009 - Unauthorized CD/DVD devices must be disconnected on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000010 - Unauthorized parallel devices must be disconnected on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000011 - Unauthorized serial devices must be disconnected on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000012 - Unauthorized USB devices must be disconnected on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000013 - Console connection sharing must be limited on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000014 - Console access through the VNC protocol must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000015 - Informational messages from the virtual machine to the VMX file must be limited on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000016 - Unauthorized removal, connection and modification of devices must be prevented on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000017 - The virtual machine must not be able to obtain host information from the hypervisor.

CONFIGURATION MANAGEMENT

VMCH-67-000018 - Shared salt values must be disabled on the virtual machine.

CONFIGURATION MANAGEMENT

VMCH-67-000019 - Access to virtual machines through the dvfilter network APIs must be controlled.

CONFIGURATION MANAGEMENT

VMCH-67-000020 - System administrators must use templates to deploy virtual machines whenever possible.

CONFIGURATION MANAGEMENT

VMCH-67-000021 - Use of the virtual machine console must be minimized.

CONFIGURATION MANAGEMENT

VMCH-67-000022 - The virtual machine guest operating system must be locked when the last console connection is closed.

CONFIGURATION MANAGEMENT

VMCH-67-000023 - 3D features on the virtual machine must be disabled when not required.

CONFIGURATION MANAGEMENT

VMCH-67-000024 - Encryption must be enabled for vMotion on the virtual machine.

CONFIGURATION MANAGEMENT