UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

HPE 3PAR SSMC Operating System Security Technical Implementation Guide


Overview

Date Finding Count (14)
2024-05-30 CAT I (High): 0 CAT II (Med): 12 CAT III (Low): 2
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Sensitive)

Finding ID Severity Title
V-255237 Medium Any publicly accessible connection to SSMC must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.
V-255250 Medium SSMC must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility.
V-255248 Medium SSMC must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
V-255238 Medium SSMC must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system.
V-255239 Medium SSMC must employ strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions.
V-255241 Medium SSMC must enforce a minimum 15-character password length.
V-255240 Medium SSMC must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
V-255243 Medium SSMC must be configured to offload logs to a SIEM that is configured to alert the ISSO or SA when the local built-in admin account (ssmcadmin) is accessed.
V-255242 Medium SSMC must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.
V-255245 Medium For PKI-based authentication, SSMC must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
V-255244 Medium SSMC must synchronize internal information system clocks to the authoritative time source when the time difference is greater than one second.
V-255247 Medium SSMC must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
V-255249 Low SSMC must provide audit record generation capability for DOD-defined auditable events for all operating system components.
V-255246 Low SSMC must enforce the limit of three consecutive invalid logon attempts by a nonadministrative user.