CCI|CCI-001190

Title

Fail to an organization-defined known-system state for the following failures on the indicated components while preserving organization-defined system state information in failure.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
AS24-U1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U2-000540 - The Apache web server must augment re-creation to a stable and known baseline.	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000540 - The Apache web server must augment re-creation to a stable and known baseline.	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Windows	DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Windows	DISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W2-000540 - The Apache web server must augment re-creation to a stable and known baseline.	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000560 - The Apache web server must be configured to provide clustering - mod_proxy	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000560 - The Apache web server must be configured to provide clustering - ProxyPass	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Catalina v1.5.0 - All Profiles
FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly - av-failopen	FortiGate	DISA Fortigate Firewall STIG v1r3
FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly - av-failopen-session	FortiGate	DISA Fortigate Firewall STIG v1r3
FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly - fail-open	FortiGate	DISA Fortigate Firewall STIG v1r3
IIST-SV-000136 - The IIS 10.0 web server must augment re-creation to a stable and known baseline.	Windows	DISA IIS 10.0 Server v2r10
IIST-SV-000136 - The IIS 10.0 web server must augment re-creation to a stable and known baseline.	Windows	DISA IIS 10.0 Server v3r1
IISW-SV-000136 - The IIS 8.5 web server must augment re-creation to a stable and known baseline.	Windows	DISA IIS 8.5 Server v2r7
MADB-10-005000 - MariaDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.	MySQLDB	DISA MariaDB Enterprise 10.x v2r1 DB
MD3X-00-000420 - MongoDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD4X-00-000800 - MongoDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails	Unix	NIST macOS Monterey v1.0.0 - All Profiles
SYMP-AG-000510 - Symantec ProxySG must fail to a secure state upon failure of initialization, shutdown, or abort actions.	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
TCAT-AS-000860 - Clusters must operate on a trusted network.	Unix	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware
UBTU-18-010505 - Kernel core dumps must be disabled unless needed.	Unix	DISA STIG Ubuntu 18.04 LTS v2r15
UBTU-20-010413 - The Ubuntu operating system must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.	Unix	DISA STIG Ubuntu 20.04 LTS v2r1
UBTU-22-213015 - Ubuntu 22.04 LTS must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.	Unix	DISA STIG Canonical Ubuntu 22.04 LTS v2r2
VCEM-67-000018 - ESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-70-000018 - ESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2
VCLU-70-000018 - Lookup Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 7.0 Lookup Service v1r2
VCLU-80-000062 The vCenter Lookup service must be configured to fail to a known safe state if system initialization fails.	Unix	DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1
VCPF-67-000017 - Performance Charts must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3
VCPF-70-000018 - Performance Charts must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1
VCPF-80-000062 The vCenter Perfcharts service must be configured to fail to a known safe state if system initialization fails.	Unix	DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1
VCST-67-000018 - The Security Token Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 6.7 STS Tomcat v1r3
VCST-70-000018 - The Security Token Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 7.0 STS Tomcat v1r2
VCST-80-000062 The vCenter STS service must be configured to fail to a known safe state if system initialization fails.	Unix	DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1
VCUI-67-000017 - vSphere UI must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 6.7 UI Tomcat v1r3
VCUI-70-000019 - vSphere UI must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.	Unix	DISA STIG VMware vSphere 7.0 vCA UI v1r2
VCUI-80-000062 The vCenter UI service must be configured to fail to a known safe state if system initialization fails.	Unix	DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1
WBLC-08-000229 - Oracle WebLogic must be configured to perform complete application deployments.	Unix	Oracle WebLogic Server 12c Linux v2r1
WBLC-08-000229 - Oracle WebLogic must be configured to perform complete application deployments.	Unix	Oracle WebLogic Server 12c Linux v2r1 Middleware
WBLC-08-000229 - Oracle WebLogic must be configured to perform complete application deployments.	Windows	Oracle WebLogic Server 12c Windows v2r1
WBSP-AS-001470 - The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters.	Unix	DISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-001470 - The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters.	Windows	DISA IBM WebSphere Traditional 9 Windows STIG v1r1

Detections

Analytics

CCI|CCI-001190

Title

Reference Item Details

Audit Items