The container platform must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-233211 | SRG-APP-000416-CTR-001015 | SV-233211r601812_rule | Medium |
| Description |
|---|
| Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data and images. The container platform must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. |
| STIG | Date |
|---|---|
| Container Platform Security Requirements Guide | 2021-12-14 |
Details
| Check Text ( C-36147r601811_chk ) |
|---|
| Review documentation to verify that the container platform is using NSA-approved cryptography to protect classified data and applications. If the container platform is not using NSA-approved cryptography for classified data and applications, this is a finding. |
| Fix Text (F-36115r601121_fix) |
|---|
| Configure the container platform to utilize NSA-approved cryptography to protect classified information. |