Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-233273 | SRG-APP-000516-CTR-001325 | SV-233273r599695_rule | Medium |
Description |
---|
Container platform components are part of the overall container platform, offering services that enable the container platform to fully orchestrate user containers. These components may fall outside the scope of this document, but they still must be secured. Examples of such components are DNS, routers, and firewalls. These and any other services offered by the container platform must follow the appropriate STIG or SRG for the technology offered. If a STIG or SRG is not available for the technology, then best practices for the technology must be used. For example, the Cloud Native Computing Foundation (CNCF) is an open-source organization that is working on container platform best practices. |
STIG | Date |
---|---|
Container Platform Security Requirements Guide | 2020-11-24 |
Check Text ( C-36209r599694_chk ) |
---|
Review the container platform configuration to determine the services offered by the container platform and validate that any services that are offered are configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs. If container platform services are not configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs, this is a finding. |
Fix Text (F-36177r599456_fix) |
---|
Configure container services in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs. |