| DISA_STIG_VMware_vSphere_6.7_Virgo_Client_v1r2.audit from DISA VMware vSphere 6.7 Virgo-Client v1r2 STIG | |
| VCFL-67-000001 - vSphere Client must limit the amount of time that each TCP connection is kept alive. | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000002 - vSphere Client must limit the number of concurrent connections permitted. | ACCESS CONTROL |
| VCFL-67-000003 - vSphere Client must limit the maximum size of a POST request. | ACCESS CONTROL |
| VCFL-67-000004 - vSphere Client must protect cookies from XSS. | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000005 - vSphere Client must be configured with FIPS 140-2 compliant ciphers for HTTPS connections. | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000006 - vSphere Client must be configured to enable SSL/TLS. | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000007 - vSphere Client must be configured to only communicate over TLS 1.2. | ACCESS CONTROL |
| VCFL-67-000008 - vSphere Client must be configured to use the HTTPS scheme. | ACCESS CONTROL |
| VCFL-67-000009 - vSphere Client must record user access in a format that enables monitoring of remote access. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCFL-67-000010 - vSphere Client must generate log records during Java startup and shutdown. | AUDIT AND ACCOUNTABILITY |
| VCFL-67-000012 - vSphere Client application files must be verified for their integrity. | CONFIGURATION MANAGEMENT |
| VCFL-67-000013 - vSphere Client must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled. | CONFIGURATION MANAGEMENT |
| VCFL-67-000014 - vSphere Client must have mappings set for Java servlet pages. | CONFIGURATION MANAGEMENT |
| VCFL-67-000015 - vSphere Client must not have the Web Distributed Authoring (WebDAV) servlet installed. | CONFIGURATION MANAGEMENT |
| VCFL-67-000016 - vSphere Client must be configured with memory leak protection. | CONFIGURATION MANAGEMENT |
| VCFL-67-000017 - vSphere Client must not have any symbolic links in the web content directory tree. | CONFIGURATION MANAGEMENT |
| VCFL-67-000018 - vSphere Client must ensure appropriate permissions are set on the keystore. | IDENTIFICATION AND AUTHENTICATION |
| VCFL-67-000019 - vSphere Client directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000020 - vSphere Client must limit the number of allowed connections. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000021 - vSphere Client must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000022 - vSphere Client must set the 'welcome-file' node to a default web page - welcome-file node to a default web page. | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000023 - vSphere Client must not show directory listings. | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000024 - vSphere Client must be configured to show error pages with minimal information. | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000025 - vSphere Client must not enable support for TRACE requests. | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000026 - vSphere Client must have the debug option turned off. | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - access | AUDIT AND ACCOUNTABILITY |
| VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - runtime | AUDIT AND ACCOUNTABILITY |
| VCFL-67-000028 - vSphere Client must be configured with the appropriate ports. | CONFIGURATION MANAGEMENT |
| VCFL-67-000029 - vSphere Client must disable the shutdown port. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000030 - vSphere Client must set the secure flag for cookies. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000999 - The version of Virgo-Client running on the system must be a supported version. | SYSTEM AND INFORMATION INTEGRITY |
