DISA_VMware_vSphere_8.0_vCenter_Appliance_Photon_OS_4.0_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1

PHTN-40-000003 The Photon operating system must audit all account creations.

800-53|AC-2(4)

800-53|AU-12c.

CAT|II

CCI|CCI-000018

CCI|CCI-000172

Rule-ID|SV-258801r958368_rule

STIG-ID|PHTN-40-000003

Vuln-ID|V-258801

PHTN-40-000004 The Photon operating system must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

800-53|AC-7a.

CCI|CCI-000044

Rule-ID|SV-258802r958388_rule

STIG-ID|PHTN-40-000004

Vuln-ID|V-258802

PHTN-40-000005 The Photon operating system must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system.

800-53|AC-8a.

800-53|AC-8c.1.

CCI|CCI-000048

CCI|CCI-001384

Rule-ID|SV-258803r958390_rule

STIG-ID|PHTN-40-000005

Vuln-ID|V-258803

PHTN-40-000007 The Photon operating system must limit the number of concurrent sessions to ten for all accounts and/or account types.

800-53|AC-10

CAT|III

CCI|CCI-000054

Rule-ID|SV-258804r958398_rule

STIG-ID|PHTN-40-000007

Vuln-ID|V-258804

PHTN-40-000012 The Photon operating system must monitor remote access logins.

800-53|AC-17(1)

CCI|CCI-000067

Rule-ID|SV-258805r958406_rule

STIG-ID|PHTN-40-000012

Vuln-ID|V-258805

PHTN-40-000013 The Photon operating system must have the OpenSSL FIPS provider installed to protect the confidentiality of remote access sessions.

800-53|AC-17(2)

800-53|MA-4(6)

800-53|SC-8

800-53|SC-8(2)

CAT|I

CCI|CCI-000068

CCI|CCI-002418

CCI|CCI-002420

CCI|CCI-002422

CCI|CCI-002890

CCI|CCI-003123

Rule-ID|SV-258806r958408_rule

STIG-ID|PHTN-40-000013

Vuln-ID|V-258806

PHTN-40-000014 The Photon operating system must configure auditd to log to disk.

800-53|AU-3

CCI|CCI-000130

Rule-ID|SV-258807r958412_rule

STIG-ID|PHTN-40-000014

Vuln-ID|V-258807

PHTN-40-000016 The Photon operating system must enable the auditd service.

800-53|AU-3(1)

800-53|AU-12a.

800-53|CM-3(5)

800-53|SI-6b.

CCI|CCI-000132

CCI|CCI-000133

CCI|CCI-000134

CCI|CCI-000135

CCI|CCI-000169

CCI|CCI-001487

CCI|CCI-001744

CCI|CCI-002699

CCI|CCI-003938

Rule-ID|SV-258808r1003628_rule

STIG-ID|PHTN-40-000016

Vuln-ID|V-258808

PHTN-40-000019 The Photon operating system must be configured to audit the execution of privileged functions.

800-53|AC-6(8)

CCI|CCI-002233

Rule-ID|SV-258809r958422_rule

STIG-ID|PHTN-40-000019

Vuln-ID|V-258809

PHTN-40-000021 The Photon operating system must alert the ISSO and SA in the event of an audit processing failure.

800-53|AU-5(2)

800-53|AU-5a.

CCI|CCI-000139

CCI|CCI-001858

Rule-ID|SV-258810r958424_rule

STIG-ID|PHTN-40-000021

Vuln-ID|V-258810

PHTN-40-000026 The Photon operating system must protect audit logs from unauthorized access.

800-53|AU-9

CCI|CCI-000162

CCI|CCI-000163

CCI|CCI-000164

Rule-ID|SV-258811r958434_rule

STIG-ID|PHTN-40-000026

Vuln-ID|V-258811

PHTN-40-000030 The Photon operating system must allow only authorized users to configure the auditd service.

800-53|AU-12b.

CCI|CCI-000171

Rule-ID|SV-258812r958444_rule

STIG-ID|PHTN-40-000030

Vuln-ID|V-258812

PHTN-40-000031 The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur.

Rule-ID|SV-258813r958446_rule

STIG-ID|PHTN-40-000031

Vuln-ID|V-258813

PHTN-40-000035 The Photon operating system must enforce password complexity by requiring that at least one uppercase character be used.

800-53|IA-5(1)(a)

CCI|CCI-004066

Rule-ID|SV-258814r1003629_rule

STIG-ID|PHTN-40-000035

Vuln-ID|V-258814

PHTN-40-000036 The Photon operating system must enforce password complexity by requiring that at least one lowercase character be used.

Rule-ID|SV-258815r1003630_rule

STIG-ID|PHTN-40-000036

Vuln-ID|V-258815

PHTN-40-000037 The Photon operating system must enforce password complexity by requiring that at least one numeric character be used.

Rule-ID|SV-258816r1003631_rule

STIG-ID|PHTN-40-000037

Vuln-ID|V-258816

PHTN-40-000038 The Photon operating system must require the change of at least eight characters when passwords are changed.

Rule-ID|SV-258817r1003632_rule

STIG-ID|PHTN-40-000038

Vuln-ID|V-258817

PHTN-40-000039 The operating system must store only encrypted representations of passwords.

800-53|IA-5(1)(d)

CCI|CCI-004062

Rule-ID|SV-258818r1003633_rule

STIG-ID|PHTN-40-000039

Vuln-ID|V-258818

PHTN-40-000040 The Photon operating system must not have the telnet package installed.

800-53|IA-5(1)(c)

CCI|CCI-000197

Rule-ID|SV-258819r987796_rule

STIG-ID|PHTN-40-000040

Vuln-ID|V-258819

PHTN-40-000041 The Photon operating system must enforce one day as the minimum password lifetime.

Rule-ID|SV-258820r1003634_rule

STIG-ID|PHTN-40-000041

Vuln-ID|V-258820

PHTN-40-000042 The Photon operating systems must enforce a 90-day maximum password lifetime restriction.

Rule-ID|SV-258821r1003636_rule

STIG-ID|PHTN-40-000042

Vuln-ID|V-258821

PHTN-40-000043 The Photon operating system must prohibit password reuse for a minimum of five generations.

800-53|IA-5(1)(b)

CCI|CCI-004061

Rule-ID|SV-258822r1003637_rule

STIG-ID|PHTN-40-000043

Vuln-ID|V-258822

PHTN-40-000044 The Photon operating system must enforce a minimum 15-character password length.

Rule-ID|SV-258823r1003638_rule

STIG-ID|PHTN-40-000044

Vuln-ID|V-258823

PHTN-40-000046 The Photon operating system must require authentication upon booting into single-user and maintenance modes.

800-53|AC-3

CCI|CCI-000213

Rule-ID|SV-258824r958472_rule

STIG-ID|PHTN-40-000046

Vuln-ID|V-258824

PHTN-40-000047 The Photon operating system must disable unnecessary kernel modules.

800-53|CM-7a.

800-53|IA-3

CCI|CCI-000381

CCI|CCI-000778

Rule-ID|SV-258825r1003641_rule

STIG-ID|PHTN-40-000047

Vuln-ID|V-258825

PHTN-40-000049 The Photon operating system must not have duplicate User IDs (UIDs).

800-53|IA-2

CCI|CCI-000764

Rule-ID|SV-258826r958482_rule

STIG-ID|PHTN-40-000049

Vuln-ID|V-258826

PHTN-40-000059 The Photon operating system must use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

800-53|IA-7

CCI|CCI-000803

Rule-ID|SV-258827r971535_rule

STIG-ID|PHTN-40-000059

Vuln-ID|V-258827

PHTN-40-000067 The Photon operating system must restrict access to the kernel message buffer.

800-53|SC-4

CCI|CCI-001090

Rule-ID|SV-258828r958524_rule

STIG-ID|PHTN-40-000067

Vuln-ID|V-258828

PHTN-40-000068 The Photon operating system must be configured to use TCP syncookies.

800-53|SC-5

800-53|SC-5(2)

CCI|CCI-001095

CCI|CCI-002385

Rule-ID|SV-258829r958528_rule

STIG-ID|PHTN-40-000068

Vuln-ID|V-258829

PHTN-40-000069 The Photon operating system must terminate idle Secure Shell (SSH) sessions after 15 minutes.

Detections

Analytics

DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1

Audit Details

File Details

Audit Changelog

Revision 1.1

Functional Update

Miscellaneous