| DISA_STIG_VMware_vSphere_7.0_EAM_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance EAM v1r2 STIG | |
| VCEM-70-000001 - ESX Agent Manager must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive. | ACCESS CONTROL |
| VCEM-70-000002 - ESX Agent Manager must limit the number of concurrent connections permitted. | ACCESS CONTROL |
| VCEM-70-000003 - ESX Agent Manager must limit the maximum size of a POST request. | ACCESS CONTROL |
| VCEM-70-000004 - ESX Agent Manager must protect cookies from cross-site scripting (XSS). | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-70-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCEM-70-000006 - ESX Agent Manager must generate log records for system startup and shutdown. | AUDIT AND ACCOUNTABILITY |
| VCEM-70-000007 - ESX Agent Manager log files must only be modifiable by privileged users. | AUDIT AND ACCOUNTABILITY |
| VCEM-70-000008 - ESX Agent Manager application files must be verified for their integrity. | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| VCEM-70-000009 - ESX Agent Manager must only run one webapp. | CONFIGURATION MANAGEMENT |
| VCEM-70-000010 - ESX Agent Manager must not be configured with unsupported realms. | CONFIGURATION MANAGEMENT |
| VCEM-70-000011 - ESX Agent Manager must be configured to limit access to internal packages. | CONFIGURATION MANAGEMENT |
| VCEM-70-000012 - ESX Agent Manager must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled. | CONFIGURATION MANAGEMENT |
| VCEM-70-000013 - ESX Agent Manager must have mappings set for Java servlet pages. | CONFIGURATION MANAGEMENT |
| VCEM-70-000014 - ESX Agent Manager must not have the Web Distributed Authoring (WebDAV) servlet installed. | CONFIGURATION MANAGEMENT |
| VCEM-70-000015 - ESX Agent Manager must be configured with memory leak protection. | CONFIGURATION MANAGEMENT |
| VCEM-70-000016 - ESX Agent Manager must not have any symbolic links in the web content directory tree. | CONFIGURATION MANAGEMENT |
| VCEM-70-000017 - ESX Agent Manager directory tree must have permissions in an out-of-the-box state - out-of-the box state. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-70-000018 - ESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-70-000019 - ESX Agent Manager must limit the number of allowed connections. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-70-000020 - ESX Agent Manager must set URIEncoding to UTF-8 - URIEncoding to UTF-8. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter-mapping | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000022 - ESX Agent Manager must set the welcome-file node to a default web page. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000023 - ESX Agent Manager must not show directory listings. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000024 - ESX Agent Manager must be configured to show error pages with minimal information. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000025 - ESX Agent Manager must be configured to not show error reports. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000026 - ESX Agent Manager must hide the server version. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000027 - ESX Agent Manager must not enable support for TRACE requests. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000028 - ESX Agent Manager must have the debug option disabled. | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000029 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files. | AUDIT AND ACCOUNTABILITY |
| VCEM-70-000030 - ESX Agent Manager must set the secure flag for cookies. | CONFIGURATION MANAGEMENT |
| VCEM-70-000031 - ESX Agent Manager must be configured with the appropriate ports. | CONFIGURATION MANAGEMENT |
| VCEM-70-000032 - ESX Agent Manager must disable the shutdown port. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-70-000033 - ESX Agent Manager default servlet must be set to 'readonly'. | CONFIGURATION MANAGEMENT |
