UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide


Overview

Date Finding Count (16)
2024-06-10 CAT I (High): 1 CAT II (Med): 15 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Classified)

Finding ID Severity Title
V-256898 High Automation Controller must implement cryptography mechanisms to protect the integrity of information.
V-256903 Medium Automation Controller's log files must be accessible by explicitly defined privilege.
V-256902 Medium Automation Controller must be configured to fail over to another system in the event of log subsystem failure.
V-256901 Medium Automation Controller must allocate log record storage capacity and shut down by default upon log failure (unless availability is an overriding concern).
V-256900 Medium Automation Controller must use external log providers that can collect user activity logs in independent, protected repositories to prevent modification or repudiation.
V-256907 Medium Automation Controller must utilize encryption when using LDAP for authentication.
V-256906 Medium Automation Controller must be configured to authenticate users individually, prior to using a group authenticator.
V-256905 Medium Automation Controller must be configured to use an enterprise user management system.
V-256904 Medium Automation Controller must be capable of reverting to the last known good configuration in the event of failed installations and upgrades.
V-256911 Medium Automation Controller must install security-relevant software updates within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs).
V-256909 Medium Automation Controller must compare internal application server clocks at least every 24 hours with an authoritative time source.
V-256908 Medium Automation Controller must use cryptographic mechanisms to protect the integrity of log tools.
V-256910 Medium Automation Controller must only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.
V-256897 Medium Automation Controller must use encryption strength in accordance with the categorization of the management data during remote access management sessions.
V-256896 Medium Automation Controller must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.
V-256899 Medium The Automation Controller management interface must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.