UCF STIG Viewer Logo

The vAMI must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.


Overview

Finding ID Version Rule ID IA Controls Severity
V-90237 VRAU-VA-000320 SV-100887r1_rule Medium
Description
Fail-secure is a condition achieved by the vAMI in order to ensure that in the event of an operational failure, the system does not enter into an unsecure state where intended security properties no longer hold. Preserving information system state information also facilitates system restart and return to the operational mode of the organization with less disruption of mission-essential processes.
STIG Date
VMW vRealize Automation 7.x vAMI Security Technical Implementation Guide 2018-10-12

Details

Check Text ( C-89929r1_chk )
Interview the ISSO and/or the SA.

Determine if the vAMI has ever not failed to a secure state during a system initialization failure, shutdown failure, or system abort.

If the vAMI has ever not failed to a secure state under these conditions, this is a finding.
Fix Text (F-96979r1_fix)
Reinstall the vRealize Automation instance as a complete package.