UCF STIG Viewer Logo

Sun Ray 4 Policy STIG


Date Finding Count (11)
2015-04-02 CAT I (High): 0 CAT II (Med): 9 CAT III (Low): 2
STIG Description
The Sun Ray 4 Policy Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles

Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-16412 Medium The Sun Ray Session Server (SRSS) is used to host other applications.
V-16413 Medium The Sun Ray system and user logs are not reviewed weekly.
V-16397 Medium There is no up-to-date documentation or diagrams of the Sun Ray infrastructure.
V-16411 Medium Applications published to users are not approved by the IAO/SA.
V-16416 Medium There is no spare Sun Ray Desktop Unit available for use in the event of a Sun Ray Desktop Unit malfunction or failure.
V-16414 Medium The disaster recovery plan does not include the Sun Ray system (network infrastructure and peripherals).
V-16418 Medium The site has not configured the Sun Ray server in the PNP database.
V-16409 Medium The IAO/SA is not receiving Sun Ray security and patch notifications.
V-16417 Medium The Sun Ray system is not under direct control of a site Configuration Control Board.
V-16400 Low User Registration process is not clearly documented.
V-16415 Low There are no backup and recovery procedures for the Sun Ray system.