| DISA_VMware_vSphere_8.0_vCenter_Appliance_Perfcharts_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | |
| VCPF-80-000001 The vCenter Perfcharts service must limit the number of maximum concurrent connections permitted. | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPF-80-000005 The vCenter Perfcharts service cookies must have secure flag set. | ACCESS CONTROL |
| VCPF-80-000013 The vCenter Perfcharts service must initiate session logging upon startup. | AUDIT AND ACCOUNTABILITY |
| VCPF-80-000014 The vCenter Perfcharts service must produce log records containing sufficient information regarding event details. | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPF-80-000025 The vCenter Perfcharts service logs folder permissions must be set correctly. | AUDIT AND ACCOUNTABILITY |
| VCPF-80-000034 The vCenter Perfcharts service must limit privileges for creating or modifying hosted application shared files. | CONFIGURATION MANAGEMENT |
| VCPF-80-000036 The vCenter Perfcharts service must disable stack tracing. | CONFIGURATION MANAGEMENT |
| VCPF-80-000037 The vCenter Perfcharts service must be configured to use a specified IP address and port. | CONFIGURATION MANAGEMENT |
| VCPF-80-000057 The vCenter Perfcharts service must be configured to limit data exposure between applications. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPF-80-000062 The vCenter Perfcharts service must be configured to fail to a known safe state if system initialization fails. | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPF-80-000065 The vCenter Perfcharts service must set URIEncoding to UTF-8. | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-80-000067 The vCenter Perfcharts service 'ErrorReportValve showServerInfo' must be set to 'false'. | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-80-000070 The vCenter Perfcharts service must set an inactive timeout for sessions. | ACCESS CONTROL |
| VCPF-80-000081 The vCenter Perfcharts service must offload log records onto a different system or media from the system being logged. | AUDIT AND ACCOUNTABILITY |
| VCPF-80-000124 The vCenter Perfcharts service must enable 'STRICT_SERVLET_COMPLIANCE'. | CONFIGURATION MANAGEMENT |
| VCPF-80-000125 The vCenter Perfcharts service must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive. | ACCESS CONTROL |
| VCPF-80-000126 The vCenter Perfcharts service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive. | ACCESS CONTROL |
| VCPF-80-000127 The vCenter Perfcharts service must configure the 'setCharacterEncodingFilter' filter. | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-80-000129 The vCenter Perfcharts service cookies must have 'http-only' flag set. | ACCESS CONTROL |
| VCPF-80-000130 The vCenter Perfcharts service DefaultServlet must be set to 'readonly' for 'PUT' and 'DELETE' commands. | ACCESS CONTROL |
| VCPF-80-000134 The vCenter Perfcharts service shutdown port must be disabled. | CONFIGURATION MANAGEMENT |
| VCPF-80-000136 The vCenter Perfcharts service debug parameter must be disabled. | CONFIGURATION MANAGEMENT |
| VCPF-80-000137 The vCenter Perfcharts service directory listings parameter must be disabled. | CONFIGURATION MANAGEMENT |
| VCPF-80-000138 The vCenter Perfcharts service deployXML attribute must be disabled. | CONFIGURATION MANAGEMENT |
| VCPF-80-000139 The vCenter Perfcharts service must have Autodeploy disabled. | CONFIGURATION MANAGEMENT |
| VCPF-80-000140 The vCenter Perfcharts service xpoweredBy attribute must be disabled. | CONFIGURATION MANAGEMENT |
| VCPF-80-000141 The vCenter Perfcharts service example applications must be removed. | CONFIGURATION MANAGEMENT |
| VCPF-80-000143 The vCenter Perfcharts service default documentation must be removed. | CONFIGURATION MANAGEMENT |
| VCPF-80-000144 The vCenter Perfcharts service files must have permissions in an out-of-the-box state. | CONFIGURATION MANAGEMENT |
| VCPF-80-000151 The vCenter Perfcharts service must disable 'ALLOW_BACKSLASH'. | CONFIGURATION MANAGEMENT |
| VCPF-80-000152 The vCenter Perfcharts service must enable 'ENFORCE_ENCODING_IN_GET_WRITER'. | CONFIGURATION MANAGEMENT |
| VCPF-80-000154 The vCenter Perfcharts service manager webapp must be removed. | CONFIGURATION MANAGEMENT |
| VCPF-80-000155 The vCenter Perfcharts service host-manager webapp must be removed. | CONFIGURATION MANAGEMENT |
