DISA STIG Docker Enterprise 2.x Linux/Unix UCP v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Docker Enterprise 2.x Linux/Unix UCP v1r1

Updated: 8/30/2021

Authority: DISA STIG

Plugin: Unix

Revision: 1.3

Estimated Item Count: 18

Audit Items

Description	Categories
DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_UCP_v1r1.audit from DISA Docker Enterprise 2.x Linux/Unix STIG v1r1
DKER-EE-001000 - The Docker Enterprise Per User Limit Login Session Control in the Universal Control Plane (UCP) Admin Settings must be set to an organization-defined value for all accounts and/or account types.	ACCESS CONTROL
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set. - team member access	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
DKER-EE-001870 - The Docker Enterprise self-signed certificates in Universal Control Plane (UCP) must be replaced with DoD trusted, signed certificates.	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-001890 - The option in Universal Control Plane (UCP) allowing users and administrators to schedule containers on all nodes, including UCP managers and Docker Trusted Registry (DTR) nodes must be disabled in Docker Enterprise.	CONFIGURATION MANAGEMENT
DKER-EE-001910 - Periodic data usage and analytics reporting in Universal Control Plane (UCP) must be disabled in Docker Enterprise.	CONFIGURATION MANAGEMENT
DKER-EE-002180 - SAML integration must be enabled in Docker Enterprise.	IDENTIFICATION AND AUTHENTICATION
DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise. - lifetime_minutes	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise. - renewal_threshold_minutes	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-002970 - The Docker Enterprise per user limit login session control must be set per the requirements in the System Security Plan (SSP).	ACCESS CONTROL
DKER-EE-003590 - Content Trust enforcement must be enabled in Universal Control Plane (UCP) in Docker Enterprise.	CONFIGURATION MANAGEMENT
DKER-EE-003920 - Universal Control Plane (UCP) must be integrated with a trusted certificate authority (CA) in Docker Enterprise.	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-004370 - Docker Content Trust enforcement must be enabled in Universal Control Plane (UCP).	CONFIGURATION MANAGEMENT
DKER-EE-006190 - Docker Enterprise Universal Control Plane (UCP) must be integrated with a trusted certificate authority (CA).	CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-006280 - Docker Enterprise Universal Control Plane (UCP) must be configured to use TLS 1.2.	ACCESS CONTROL