DISA IBM WebSphere Traditional 9 Windows STIG v1r1

Audit Details

Name: DISA IBM WebSphere Traditional 9 Windows STIG v1r1

Updated: 12/3/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.18

Estimated Item Count: 90

File Details

Filename: DISA_STIG_IBM_WebSphere_Traditional_9_Windows_v1r1.audit

Size: 228 kB

MD5: a8982efda5300cc5e54a655f0d7af3be
SHA256: 3cf0584bca80ba13b36fea3491110c5948d3ba788a42d6b5baa9bfdfe580502a

Audit Items

DescriptionCategories
DISA_IBM_WebSphere_Traditional_9_Windows_v1r1.audit for DISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-000010 - The WebSphere Application Server maximum in-memory session count must be set according to application requirements.

ACCESS CONTROL

WBSP-AS-000020 - The WebSphere Application Server admin console session timeout must be configured.

ACCESS CONTROL

WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled.

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000080 - WebSphere Application Server groups mapped to WebSphere auditor roles must be configured in accordance with security plan

ACCESS CONTROL

WBSP-AS-000090 - The WebSphere Application Server users WebSphere auditor role must be configured in accordance with System Security Plan.

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.

ACCESS CONTROL

WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - depth

ACCESS CONTROL

WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - enabled

ACCESS CONTROL

WBSP-AS-000130 - The WebSphere Application Server administrative security must be enabled.

ACCESS CONTROL

WBSP-AS-000140 - The WebSphere Application Server bus security must be enabled.

ACCESS CONTROL

WBSP-AS-000150 - The WebSphere Application Server users in a local user registry group must be authorized for that group.

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000160 - The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.

ACCESS CONTROL

WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000180 - The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security.

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

WBSP-AS-000190 - The WebSphere Application Server security cookies must be set to HTTPOnly.

ACCESS CONTROL

WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled.

ACCESS CONTROL

WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.

ACCESS CONTROL

WBSP-AS-000220 - The WebSphere Application Server users in the admin role must be authorized.

ACCESS CONTROL, CONFIGURATION MANAGEMENT

WBSP-AS-000230 - The WebSphere Application Server LDAP groups must be authorized for the WebSphere role.

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000240 - The WebSphere Application Server users in a LDAP user registry group must be authorized for that group.

ACCESS CONTROL

WBSP-AS-000310 - The WebSphere Application Server management interface must display the Standard Mandatory DoD Notice and Consent Banner

ACCESS CONTROL

WBSP-AS-000320 - The WebSphere Application Server management interface must retain the Standard Mandatory DoD Notice and Consent Banner

ACCESS CONTROL

WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - err

AUDIT AND ACCOUNTABILITY

WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - out

AUDIT AND ACCOUNTABILITY

WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxFileSize

AUDIT AND ACCOUNTABILITY

WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs

AUDIT AND ACCOUNTABILITY

WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabled

AUDIT AND ACCOUNTABILITY

WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - enabled

AUDIT AND ACCOUNTABILITY

WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - notification

AUDIT AND ACCOUNTABILITY

WBSP-AS-000650 - The WebSphere Application Server audit subsystem failure action must be set to Log warning.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000660 - The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern).

AUDIT AND ACCOUNTABILITY

WBSP-AS-000670 - The WebSphere Application Server high availability applications must be configured to fail over in log subsystem failure.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000740 - The WebSphere Application Server must be configured to protect log information from any type of unauthorized read access.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000750 - The WebSphere Application Server must protect log information from unauthorized modification.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000760 - The WebSphere Application Server must protect log information from unauthorized deletion.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000770 - The WebSphere Application Server wsadmin file must be protected from unauthorized access.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000780 - The WebSphere Application Server wsadmin file must be protected from unauthorized modification.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000790 - The WebSphere Application Server wsadmin file must be protected from unauthorized deletion.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000810 - The WebSphere Application Server must be configured to encrypt log information.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000820 - The WebSphere Application Server must be configured to sign log information.

AUDIT AND ACCOUNTABILITY

WBSP-AS-000910 - The WebSphere Application Server process must not be started from the command line with the -password option.

CONFIGURATION MANAGEMENT

WBSP-AS-000920 - The WebSphere Application Server files must be owned by the non-root WebSphere user ID.

CONFIGURATION MANAGEMENT

WBSP-AS-000930 - The WebSphere Application Server sample applications must be removed.

CONFIGURATION MANAGEMENT

WBSP-AS-000940 - The WebSphere Application Server must remove JREs left by web server and plug-in installers in the DMZ.

CONFIGURATION MANAGEMENT

WBSP-AS-000960 - The WebSphere Application Server must be run as a non-admin user.

CONFIGURATION MANAGEMENT

WBSP-AS-000970 - The WebSphere Application Server must disable JSP class reloading.

CONFIGURATION MANAGEMENT