
The system must not use removable media as the boot loader.


Overview

Finding ID: GEN008640-ESXI5-000055
Version: GEN008640-ESXI5-000055
Rule ID: GEN008640-ESXI5-000055_rule
IA Controls:
Severity: High
Description
Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader.
STIG: VMware ESXi v5 Security Technical Implementation Guide
Date: 2013-01-15

Details

Check Text (C-GEN008640-ESXI5-000055_chk)
Note: Checking a system's BIOS is vendor and hardware dependent. To verify media boot options: Interrupt the host computer's boot process and enter the BIOS menu. Inspect the menu option for boot order. If any media other than the ESXi-v5 boot disk is listed as a boot option, this is a finding.
Fix Text (F-GEN008640-ESXI5-000055_fix)
Note: Checking a system's BIOS is vendor and hardware dependent. To ensure media boot options: Interrupt the host computer's boot process and enter the BIOS menu. Inspect the menu option for boot order. Remove all boot media options except for ESXi-v5. Save the change and exit to verify the boot cycle.