800-53|SC-30(5)

Title

CONCEALMENT OF SYSTEM COMPONENTS

Description

The organization employs [Assignment: organization-defined techniques] to hide or conceal [Assignment: organization-defined information system components].

Supplemental

By hiding, disguising, or otherwise concealing critical information system components, organizations may be able to decrease the probability that adversaries target and successfully compromise those assets. Potential means for organizations to hide and/or conceal information system components include, for example, configuration of routers or the use of honeynets or virtualization techniques.

Reference Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: CONCEALMENT AND MISDIRECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 7 L2 v1.1.0 Middleware
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 7 L2 v1.1.0
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 7 L2 v1.1.0 Middleware
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 7 L2 v1.1.0
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 7 L2 v1.1.0
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 7 L2 v1.1.0 Middleware
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 7 L2 v1.1.0
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 7 L2 v1.1.0 Middleware
3.1 Hide BIND Version StringUnixCIS ISC BIND 9.0/9.5 v2.0.0
3.1.9 Disable instance discoverabilityUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.9 Disable instance discoverabilityUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.10 Disable instance discoverability - 'discover_inst = disable'UnixCIS IBM DB2 OS L2 v1.2.0
3.1.16 Disable database discoveryUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.16 Disable database discoveryUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.2.3 Disable database discover - 'discover_db = disable'UnixCIS IBM DB2 OS L2 v1.2.0
4.2 Remove Nameserver IDUnixCIS ISC BIND 9.0/9.5 v2.0.0
6.1 Hide BIND Version StringUnixCIS BIND DNS v3.0.1 Authoritative Name Server
6.1 Hide BIND Version StringUnixCIS BIND DNS v3.0.1 Caching Only Name Server
6.2 Hide Nameserver IDUnixCIS BIND DNS v3.0.1 Authoritative Name Server
6.2 Hide Nameserver IDUnixCIS BIND DNS v3.0.1 Caching Only Name Server
10.9 Do not allow custom header status messagesUnixCIS Apache Tomcat 7 L2 v1.1.0
Server version information parameters should be turned off - 'ServerSignature Off'WindowsTNS IBM HTTP Server Best Practice
Server version information parameters should be turned off - 'ServerSignature Off'UnixTNS IBM HTTP Server Best Practice Middleware
Server version information parameters should be turned off - 'ServerTokens Prod'WindowsTNS IBM HTTP Server Best Practice
WG520 A22 - Web server and/or operating system information must be protected.UnixDISA STIG Apache Server 2.2 Unix v1r11