Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-90237 | VRAU-VA-000320 | SV-100887r1_rule | Medium |
Description |
---|
Fail-secure is a condition achieved by the vAMI in order to ensure that in the event of an operational failure, the system does not enter into an unsecure state where intended security properties no longer hold. Preserving information system state information also facilitates system restart and return to the operational mode of the organization with less disruption of mission-essential processes. |
STIG | Date |
---|---|
VMW vRealize Automation 7.x vAMI Security Technical Implementation Guide | 2018-10-12 |
Check Text ( C-89929r1_chk ) |
---|
Interview the ISSO and/or the SA. Determine if the vAMI has ever not failed to a secure state during a system initialization failure, shutdown failure, or system abort. If the vAMI has ever not failed to a secure state under these conditions, this is a finding. |
Fix Text (F-96979r1_fix) |
---|
Reinstall the vRealize Automation instance as a complete package. |