| V-234565 | High | Citrix Delivery Controller must implement DoD-approved encryption. | Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.
Remote access is access to DoD nonpublic information... |
| V-234569 | Medium | Citrix Delivery Controller must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | Configuring the application to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security... |
| V-234567 | Medium | Citrix Delivery Controller must be configured to disable non-essential capabilities. | It is detrimental for applications to provide or install by default functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and... |
