DISA_STIG_VMware_vSphere_7.0_Photon_OS_v1r3.audit from DISA VMware vSphere 7.0 vCenter Appliance Photon OS v1r3 STIG

PHTN-30-000001 - The Photon operating system must audit all account creations.

800-53|AC-2(4)

CAT|II

CCI|CCI-000018

Rule-ID|SV-256478r887108_rule

STIG-ID|PHTN-30-000001

Vuln-ID|V-256478

PHTN-30-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur.

800-53|AC-7a.

800-53|AC-7b.

CCI|CCI-000044

CCI|CCI-002238

Rule-ID|SV-256479r887111_rule

STIG-ID|PHTN-30-000002

Vuln-ID|V-256479

PHTN-30-000003 - The Photon operating system must display the Standard Mandatory DOD Notice and Consent Banner before granting Secure Shell (SSH) access.

800-53|AC-8a.

800-53|AC-8c.1.

CCI|CCI-000048

CCI|CCI-001384

Rule-ID|SV-256480r887114_rule

STIG-ID|PHTN-30-000003

Vuln-ID|V-256480

PHTN-30-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types.

800-53|AC-10

CCI|CCI-000054

Rule-ID|SV-256481r887117_rule

STIG-ID|PHTN-30-000004

Vuln-ID|V-256481

PHTN-30-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less.

800-53|AC-11a.

800-53|AC-12

800-53|MA-4e.

CCI|CCI-000057

CCI|CCI-000879

CCI|CCI-002361

Rule-ID|SV-256482r887120_rule

STIG-ID|PHTN-30-000005

Vuln-ID|V-256482

PHTN-30-000006 - The Photon operating system must have the sshd SyslogFacility set to 'authpriv'.

800-53|AC-17(1)

CCI|CCI-000067

Rule-ID|SV-256483r887123_rule

STIG-ID|PHTN-30-000006

Vuln-ID|V-256483

PHTN-30-000007 - The Photon operating system must have sshd authentication logging enabled.

Rule-ID|SV-256484r887126_rule

STIG-ID|PHTN-30-000007

Vuln-ID|V-256484

PHTN-30-000008 - The Photon operating system must have the sshd LogLevel set to 'INFO'.

Rule-ID|SV-256485r887129_rule

STIG-ID|PHTN-30-000008

Vuln-ID|V-256485

PHTN-30-000009 - The Photon operating system must configure sshd to use approved encryption algorithms.

800-53|AC-17(2)

800-53|MA-4(6)

800-53|SC-8

800-53|SC-13

CAT|III

CCI|CCI-000068

CCI|CCI-001453

CCI|CCI-002418

CCI|CCI-002450

CCI|CCI-002890

Rule-ID|SV-256486r887132_rule

STIG-ID|PHTN-30-000009

Vuln-ID|V-256486

PHTN-30-000010 - The Photon operating system must configure auditd to log to disk.

800-53|AU-3

CCI|CCI-000130

CCI|CCI-000132

CCI|CCI-000133

CCI|CCI-000134

Rule-ID|SV-256487r887135_rule

STIG-ID|PHTN-30-000010

Vuln-ID|V-256487

PHTN-30-000011 - The Photon operating system must configure auditd to use the correct log format.

CCI|CCI-000131

Rule-ID|SV-256488r887138_rule

STIG-ID|PHTN-30-000011

Vuln-ID|V-256488

PHTN-30-000012 - The Photon operating system must be configured to audit the execution of privileged functions.

800-53|AU-3(1)

CCI|CCI-000135

Rule-ID|SV-256489r887141_rule

STIG-ID|PHTN-30-000012

Vuln-ID|V-256489

PHTN-30-000013 - The Photon operating system must have the auditd service running.

800-53|AU-12a.

800-53|AU-12c.

800-53|CM-3(5)

800-53|CM-5(1)

800-53|SI-6a.

800-53|SI-6b.

CCI|CCI-000169

CCI|CCI-000172

CCI|CCI-001487

CCI|CCI-001744

CCI|CCI-001814

CCI|CCI-002696

CCI|CCI-002699

Rule-ID|SV-256490r887144_rule

STIG-ID|PHTN-30-000013

Vuln-ID|V-256490

PHTN-30-000014 - The Photon operating system audit log must log space limit problems to syslog.

800-53|AU-5(2)

800-53|AU-5a.

CCI|CCI-000139

CCI|CCI-001858

Rule-ID|SV-256491r887147_rule

STIG-ID|PHTN-30-000014

Vuln-ID|V-256491

PHTN-30-000015 - The Photon operating system audit log must attempt to log audit failures to syslog.

800-53|AU-5b.

CCI|CCI-000140

Rule-ID|SV-256492r887150_rule

STIG-ID|PHTN-30-000015

Vuln-ID|V-256492

PHTN-30-000016 - The Photon operating system audit log must have correct permissions.

800-53|AU-9

CCI|CCI-000162

Rule-ID|SV-256493r887153_rule

STIG-ID|PHTN-30-000016

Vuln-ID|V-256493

PHTN-30-000017 - The Photon operating system audit log must be owned by root.

CCI|CCI-000163

Rule-ID|SV-256494r887156_rule

STIG-ID|PHTN-30-000017

Vuln-ID|V-256494

PHTN-30-000018 - The Photon operating system audit log must be group-owned by root.

CCI|CCI-000164

Rule-ID|SV-256495r887159_rule

STIG-ID|PHTN-30-000018

Vuln-ID|V-256495

PHTN-30-000019 - The Photon operating system must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.

800-53|AU-12b.

CCI|CCI-000171

Rule-ID|SV-256496r887162_rule

STIG-ID|PHTN-30-000019

Vuln-ID|V-256496

PHTN-30-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur.

800-53|MA-4(1)(a)

CCI|CCI-002884

Rule-ID|SV-256497r887165_rule

STIG-ID|PHTN-30-000020

Vuln-ID|V-256497

PHTN-30-000021 - The Photon operating system must enforce password complexity by requiring that at least one uppercase character be used.

800-53|IA-5(1)(a)

CCI|CCI-000192

Rule-ID|SV-256498r887168_rule

STIG-ID|PHTN-30-000021

Vuln-ID|V-256498

PHTN-30-000022 - The Photon operating system must enforce password complexity by requiring that at least one lowercase character be used.

CCI|CCI-000193

Rule-ID|SV-256499r887171_rule

STIG-ID|PHTN-30-000022

Vuln-ID|V-256499

PHTN-30-000023 - The Photon operating system must enforce password complexity by requiring that at least one numeric character be used.

CCI|CCI-000194

Rule-ID|SV-256500r887174_rule

STIG-ID|PHTN-30-000023

Vuln-ID|V-256500

PHTN-30-000024 - The Photon operating system must require that new passwords are at least four characters different from the old password.

800-53|IA-5(1)(b)

CCI|CCI-000195

Rule-ID|SV-256501r887177_rule

STIG-ID|PHTN-30-000024

Vuln-ID|V-256501

PHTN-30-000025 - The Photon operating system must store only encrypted representations of passwords.

800-53|IA-5(1)(c)

CCI|CCI-000196

Rule-ID|SV-256502r887180_rule

STIG-ID|PHTN-30-000025

Vuln-ID|V-256502

PHTN-30-000026 - The Photon operating system must use an OpenSSH server version that does not support protocol 1.

800-53|IA-2(8)

800-53|IA-2(9)

800-53|IA-7

800-53|MA-4(7)

800-53|MA-4c.

800-53|SC-8(2)

CCI|CCI-000197

CCI|CCI-000803

CCI|CCI-000877

CCI|CCI-001941

CCI|CCI-001942

CCI|CCI-002420

CCI|CCI-002422

CCI|CCI-002891

Rule-ID|SV-256503r887183_rule

STIG-ID|PHTN-30-000026

Vuln-ID|V-256503

PHTN-30-000027 - The Photon operating system must be configured so that passwords for new users are restricted to a 24-hour minimum lifetime.

800-53|IA-5(1)(d)

CCI|CCI-000198

Rule-ID|SV-256504r887186_rule

STIG-ID|PHTN-30-000027

Vuln-ID|V-256504

PHTN-30-000028 - The Photon operating system must be configured so that passwords for new users are restricted to a 90-day maximum lifetime.

CCI|CCI-000199

Detections

Analytics

DISA STIG VMware vSphere 7.0 Photon OS v1r3

Audit Details

File Details

Audit Changelog

Revision 1.1

Miscellaneous